“The Impact Team” hack group says unless the Ashley Madison site isn’t shut down they will release personal data from the sex website, exposing millions of members’ names, financial information, nude photos & members’ sexual fantasies.

By Ilan Gattegno, Israel Hayom Staff & Associated Press

Around 180,000 Israelis, as well as millions of other people around the world, are concerned about their privacy after the parent company of Ashley Madison, a matchmaking website for cheating spouses, says it was hacked and that the personal information of some of its users was posted online.

Some 37 million Ashley Madison users may have their personal information posted online – Photo: AP

The group behind the attack is threatening to release all of the site’s personal information — including its members’ sexual fantasies, nude photos, financial information, online conversations and real names and addresses — if the company does not take Ashley Madison offline, according to a prominent security blog.

Ashley Madison, whose slogan is “Life is short. Have an affair,” purports to have 37 million members, among them some 180,000 Israelis whose personal data is now at risk.

Ashley Madison’s parent company, Toronto-based Avid Life Media Inc., says it has had the hackers’ posts — which included snippets of personal information — taken down and has hired a technology security firm. The company and law enforcement agencies are investigating.

The breach was first reported late Sunday by Brian Krebs of KrebsonSecurity, a website that focuses on cybersecurity.

The hacking follows the May breach of the dating website Adult FriendFinder, which involved the theft of names, email addresses and information about the sexual orientations and habits of up to 4 million of that site’s members.

According to Krebs, the Ashley Madison hacker or hackers called themselves “The Impact Team” and posted large caches of data from the Ashley Madison site, claiming to have compromised user databases, financial records and other information.

As well as random personal data from members, the hackers also posted maps of the company’s internal servers, employee network account information, company bank account data, and salary information, Krebs says.

The hackers also posted a manifesto accusing Avid Life Media of lying to its customers about a $19 service that would scrub all of their personal information from its data bases, saying that the data does not actually go away, Krebs says.

The hackers say that if Avid Life does not take its Ashley Madison and Established Men sites offline — the latter widely referred to as a “sugar daddy” site — it will release all the company’s information.

Avid Life released a statement Monday saying that it has been able to secure its sites and close the back doors into its systems.

“We are working with law enforcement agencies, which are investigating this criminal act,” the company’s statement reads. “Any and all parties responsible for this act of cyber-terrorism will be held responsible.”

In an interview with KrebsonSecurity, Avid Life Chief Executive Noel Biderman said, “We’re not denying this happened,” and that “Like us or not, this is still a criminal act.”

Biderman said the company has zeroed in on a potential culprit, a person who was not an employee but had “touched our technical services.”

After the hacking, it is likely that the company’s plans of an initial public offering in London to the tune of $200 million will have to be put on hold.

View original Israel Hayom publication at: http://www.israelhayom.com/site/newsletter_article.php?id=27013