The massive leak attributed to the hackers who rooted to the Ashley Madison dating website for cheaters has been confirmed to be genuine. As if that wasn’t bad enough, the 10 gigabytes of data—compressed, no less—is far more wide-ranging than almost anyone could have imagined.
Researchers are still poring over the unusually large dump, but already they say it includes user names, first and last names, and hashed passwords for 33 million accounts, partial credit card data, street names, and phone numbers for huge numbers of users, records documenting 9.6 million transactions, and 36 million e-mail addresses. While much of the data is sure to correspond to anonymous burner accounts, it’s a likely bet many of them belong to real people who visited the site for clandestine encounters. For what it’s worth, more than 15,000 of the e-mail addresses are hosted by US government and military servers using the .gov and .mil top-level domains. Read More.
The 9.7-gigabyte encrypted file now online purports to reveal the personal data of over 30 million Ashley Madison users, including their login details, payment transactions, names, street addresses and, yes, their self-described sexual fantasies. And one analysis of the massive data dump has left email and IT experts especially intrigued: Some 15,000 Ashley Madison accounts are registered to the .gov and .mil domains that host government and military email accounts.
Not all these government-related email addresses are likely to belong to authentic Ashley Madison users; the site doesn’t require its free users to validate their emails. But there’s a high likelihood a few would-be cheaters felt perfectly ok to use their work emails to sign up to cheat on their partners. What on earth were they thinking? Read More.
At the heart of the hacker’s platform is a controversial “full delete” option advertised on AshleyMadison.com – a service that, for $20, supposedly allows a user to get out and scrub their account completely. Evidently for cheaters who have had enough of their illicit, sexual improprieties, or for those spouses who simply get cold feet over the idea of shagging a stranger.
In a long manifesto, The Impact Team essentially called the delete option a lie, and hacked the stored info to prove it.
“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie,” the hacking group wrote. “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.” Read More.
“You don’t have any good way to ever ensure that that data is gone,” said Doug White, a digital forensics expert who also teaches at Roger Williams University.
Auditing a site’s deletion claims can be nearly impossible, Mr. White and other experts said. Even if the site says it will delete user data, there is no sure way for customers to check if the data is permanently gone. Read More.
Thousands of clients using the affair-oriented Ashley Madison website listed email addresses registered to the White House, top federal agencies and military branches, a data dump by hackers revealed.
The detailed data, released Tuesday, will likely put Washington, D.C., on edge. The nation’s capital reportedly has the highest rate of membership for the site of any city.
Indeed, more than 15,000 of the email addresses used to register accounts were hosted on government and military servers. Read More.
Embattled reality TV star Josh Duggar allegedly had two accounts with the adultery website Ashley Madison which claims to protect anonymity for procuring adulterous affairs.
The story, first reported by the media news site Gawker, could potentially be another blow to Josh, 27, and the Duggar clan, whose reality show “19 Kids and Counting” was canceled by TLC in July. Read More.
My Way News
The AP traced many of the accounts exposed by hackers back to federal workers. They included at least two assistant U.S. attorneys; an information technology administrator in the Executive Office of the President; a division chief, an investigator and a trial attorney in the Justice Department; a government hacker at the Homeland Security Department and another DHS employee who indicated he worked on a U.S. counter-terrorism response team. Read More.
Reports of a second wave of secret documents revealed from the hacked infidelity site.
Hackers ‘the Impact Team’ posted another huge tranche – amounting to 20GB of files – on the same dark web.
They boasted of the second wave directly to the beleaguered company’s CEO multi-millionaire Noel Biderman
‘Hey Noel, you can admit it’s real now’, the message read.
The company has refused to admit all the information that has been released came from their site.
First wave included 9.7 gigabytes of raw data including names, addresses, phone numbers and sexual fantasies of registered users.
University of Texas, Sony, Boeing and Bank of America all appear in domain names of alleged users posted online.
Government workers with sensitive White House, law enforcement and congress jobs have admitted using the site after being exposed.
Pentagon and FBI are now investigating the leak amid fears it provides potential for blackmail of government officials. Read More.