Ashley Madison hackers release fresh data dump, corporate secrets

The hackers behind the high-profile attack have made good on their promise and released more sensitive data to the Web.
Written by Charlie Osborne, Contributing Writer

The leak of Ashley Madison's subscriber account data isn't enough -- hackers responsible for breaking into the affairs website have released a new dump which targets the firm's parent company.

In July, Ashley Madison became the target of a hacking group called the Impact Team which claimed to have broken into the company's servers and stolen data related to its members. The website in question is used for casual encounters and affairs, well-known for the slogan "Life is short. Have an affair." Ashley Madison claimed to cater for 37 million members in over 40 countries, and the hackers threatened to release data identifying users.

Specifically, the group objected to a "paid delete" function Ashley Madison offered. In return for a fee, subscribers were able to permanently delete their information -- including emails and credit card details -- but according to Impact Team, the information was still saved on the firm's servers.

The hackers said unless Ashley Madison was removed from the Internet, they would release the stolen information.

Ashley Madison, owned by parent company Avid Life Media, did not bow to the threat. On 18 August, Impact Team released a data dump approximately 10GB in size which contained member information including email addresses and credit card details.

However, this was not the end of the story.

Impact Team have now launched a second data dump into cyberspace which is almost double the size. Within the dump, available through the Dark Web and via torrent, appears to contain information stolen from Ashley Madison's parent company.

As reported by Reuters, the information leak seems to contain email messages related to Noel Biderman, the CEO and founder of Avid Life Media.

A message accompanying the data dump says "Hey Noel, you can admit it's real now." However, according to a number of security experts and Motherboard, the 13GB file allegedly containing the emails of the executive is corrupt -- while other parts of the data dump, such as website source code and company data, remains intact.

Researchers from TrustedSec say they believe the accessible files are legitimate, although they do not plan to analyze in depth due to the sensitive nature of the leak. The cybersecurity firm said in a blog post:

"Interesting enough -- if this turns out to be legitimate which it in all aspects appears to be -- having full source code to these websites means that other hacker groups now have the ability to find new flaws in Avid Life's websites, and further compromise them more."

See also: Ashley Madison hack: A savage wake-up call which is only the beginning

The data breach has not only resulted in US authorities investigating a number of military and government accounts discovered in the first information leak, but a surge of panic is being felt by thousands of former members -- and high-profile figures, including family values campaigner Josh Duggar, have admitted publicly to cheating. Across the Web, the damage caused by this data breach is so destructive that some former members state they are contemplating suicide, while others have begun searching for the details of spouses, bosses and community figures.

In Canada, where Ashley Madison is based, a class-action lawsuit has been lodged against the firm, seeking damages of up to $760 million on behalf of Canadians whose data has been leaked online.

Safari browser extensions you never knew you needed

Read on: Top picks

In pictures:

Editorial standards