Ashley Madison website hacked: Hackers intend to sell online information for huge profit

A 'hacking insider' has claimed the self-titled 'Impact Group' will sell the data rather than release it online

Click to follow
The Independent Tech

A hacked adultery website has left millions of users fearful their marital indiscretions may be publicly exposed as it emerged hackers are reportedly looking to sell their data to the highest bidder.

The AshleyMadison website, which promises a reported 37 million users complete "anonymity" as they pursue extramarital affairs, was targeted by a group known only as the ‘Impact Team’ - who have promised to release users’ information unless the website goes offline.

The hackers claim they have accessed "all the customers' secret sexual fantasies and matching credit card transactions" and are planning to publish the details after the hack last Sunday.

But a hacking insider claimed to Sky News that the hackers are “bluffing” and will seek to profit from the attack.

"I don’t think they're going to release them. They have a better chance of selling on to someone else or to a 'Blackcat Market' on the 'Deep Web'. They’ll profit from this in a big way, especially with the size of this database," the insider – known only as ‘Vinnie’ – claimed.

Launched in 2001, the AshleyMadison website, owned by Canadian company Avid Life Media (ALM) and dubbed the ‘Google of cheating’, entices users with the tagline: ‘Life is short. Have an affair.’

It is estimated to have 37 million users across 50 countries - including over a million Britons.

As of this morning, the website appeared to be offline. ALM’s chief executive Niel Biderman confirmed the hack last week, telling KrebsOnSecurity his company was working “feverishly” to take down users’ confidential information.

A list of demands, published online by the ‘Impact Team’, appear to indicate the hack is the result of the company’s “full delete” policy, which caused some controversy last year.

The disgruntled hackers claim AshleyMadison’s delete option – where users pay up to £12 ($19) to scrub their account details from the website – was a “complete lie” as some personal information was retained by the company.

An ALM spokesperson apologised for the “unprovoked and criminal intrusion into our customers' information.

"We have been able to secure our sites, and close the unauthorised access points,” they told the BBC.