|Snapshot of Ashley Madison‘s website|
If you’re one of those over 37 million members signed up with Ashley Madison, you may want to start packing your bags now as your private details and (private parts, who knows), may be exposed for all to see. News of their site being hacked has been spreading faster than a rumour in a workplace.
In the meantime, ALM has released a statement with all the usual crap stating they know what’s going on, they told the police, they are working on catching the bad guys, they are sorry it happened, blah blah blah. (See the actual media statement at the end of this post).
As for those hacker(s), The Impact Team is the name they’re using and they ain’t screwing around, uh sorry.
The hackers said that Avid Life Media “has been instructed” to take Ashley Madison “offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.”
They’ve even posted online, that ALM lied to its customers about erasing all their profile information when they pay a fee of $19 when in fact all the information was still there.
"Full Delete netted [Avid Life Media] $1.7 million in revenue in 2014. It's also a complete lie," the hackers were quoted as saying in a manifesto published by Krebs. "Users almost always pay with credit card; their purchase details are not removed as promised, and include real names and address, which is of course the most important information the users want removed."
Sounds like an inside job to us.
ALM, of course, has already released their defensive response contrary to that statement which you can also read in their statement below. The hack was first announced by KrebsOnSecurity blog, which cited ALM Chief Executive Noel Biderman who said that the company was “working diligently and feverishly” to take down ALM’s intellectual property. “We’re not denying this happened,” Biderman said. “Like us or not, this is still a criminal act.”
It’s unclear how much of the AshleyMadison user account data has been posted online. For now, it appears the hackers have published a relatively small percentage of AshleyMadison user account data and are planning to publish more for each day the company stays online.
“Too bad for those men, they’re cheating dirtbags and deserve no such discretion,” the hackers continued. “Too bad for ALM, you promised secrecy but didn’t deliver. We’ve got the complete set of profiles in our DB dumps, and we’ll release them soon if Ashley Madison stays online. And with over 37 million members, mostly from the US and Canada, a significant percentage of the population is about to have a very bad day, including many rich and powerful people.”
Oh, one more thing. Guess which three countries are the top cheaters according to miss Ashley Madison? Canada, USA and Australia. You have been warned! Now make haste! Pack your bags before things get real nasty!
Ashley Madison's media statement released JULY 20 – 12:25PM:
We were recently made aware of an attempt by an unauthorized party to gain access to our systems. We apologize for this unprovoked and criminal intrusion into our customers’ information. We have always had the confidentiality of our customers’ information foremost in our minds, and have had stringent security measures in place, including working with leading IT vendors from around the world.
At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act. Any and all parties responsible for this act of cyber–terrorism will be held responsible. Using the Digital Millennium Copyright Act (DMCA), our team has now successfully removed the posts related to this incident as well as all Personally Identifiable Information (PII) about our users published online.
Contrary to current media reports, and based on accusations posted online by a cyber criminal, the “paid-delete” option offered by AshleyMadison.com does in fact remove all information related to a member’s profile and communications activity. The process involves a hard-delete of a requesting user’s profile, including the removal of posted pictures and all messages sent to other system users’ email boxes. This option was developed due to specific member requests for just such a service, and designed based on their feedback.
As our customers’ privacy is of the utmost concern to us, we are now offering our full-delete option free to any member, in light of today’s news.
Let this be a lesson to all:
Lesson learned from the #AshleyMadison hack:— CNNMoney (@CNNMoney) July 20, 2015
Don't share your secrets online http://t.co/LxTBGsaSW6 by @Jose_Pagliery pic.twitter.com/xVVfUulgyn
Source(s): rt | itnerd | krebonsecurity | Illustrations © graphicstock