In a PGP-signed statement,1 a group of freedom fighters2 known only as "The Impact Team" followed up on their promise to release the database of user information that they rightfully obtained from Avid Life Media's Ashley Madison, a popular dating website dedicated to fostering extramarital relations, and Established Men, a website dedicated to pairing up beautiful young women with successful older men.
Brian Krebs, who broke the original story, claims to have now confirmed that the full leak is legitimate and that user names, addresses, and the last four digits of user credit cards have now been made public. The site had 37 million users at the time of the hack, though it's still unknown how many of those users have been affected, or how many there are at this time, now one month after The Impact Team demanded that Ashley Madison's swiss cheese security stack be put out of its misery and retired once and for all.
In response to today's full leak, Avid Life Media continues to admit no wrongdoing, very much like BitLove LLC did back in February after FetLife was "hacked," and continues to "monitor" and "investigate" the situation without either taking down their mismanaged operation or actually fixing the known issues with their database security. In the entire papering over of malfeasance by ALM, of which there's been absolutely no shortage, the prestigious Most Unintentionally Humourous Denial Award goes to Raja Bhatia, Ashley Madison's founding CTO, who said "If there is a full credit card data in a dump, it's not from us, because we don't even do that."
And if they find an entire straw man in the dump, we can only suppose that Ashley Madison didn't do that either.
Avid Life Media has failed to take down Ashley Madison and Established Men. We have explained the fraud, deceit, and stupidity of ALM and their members. Now everyone gets to see their data.
Find someone you know in here? Keep in mind the site is a scam with thousands of fake female profiles. See ashley madison fake profile lawsuit; 90-95% of actual users are male. Chances are your man signed up on the world's biggest affair site, but never had one. He just tried to. If that distinction matters.
Find yourself in here? It was ALM that failed you and lied to you. Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you'll get over it.
Any data not signed with key 6E50 3F39 BA6A EAAD D81D ECFF 2437 3CD5 74AB AA38 is fake.
Naturally, the woefully incompetent Avid Life Media Chief Executive Officer Noel Biderman called the group "cyber-terrorists," very much in the same vein as Darkode or The Pirate Bay Four, but this is no more genuine than the marketplace thief who bumps into you, steals your wallet out of your pocket in broad daylight, and then screams "THIEF!" at you before he ducks into the shadows with your ID and money. ↩