Hackers of AshleyMadison.com, a site for people seeking others to have affairs or cheat, is threatening to post highly sensitive information about millions of users online if the site is not permanently shut down.
One of the latest data breaches in the U.S. compromised information of a particularly sensitive nature.
Owners of the website AshleyMadison.com confirmed Monday that the site experienced an unauthorized attempt to gain access to its systems, reported USA Today.
AshleyMadison.com is a dating site of a very different nature — it targets people who are married or in committed relationships and want to have an affair or cheat on their significant others, discreetly.
According to the website Krebs On Security (KOS), information on some 37 million users was stolen and samples have already been posted online, including financial information and "other proprietary information."
In addition to information on users of that site and two other sites owned by parent company Avid Life Media — Cougar Life and Established Men — other information sensitive to the company's operations, such as maps of internal servers and information on the company's employees, including salary amounts, were also stolen, with samples already posted online.
A hacker group calling itself "The Impact Team" allegedly takes responsibility for the breach, according to Krebs On Security. KOS said the group posted a long manifesto of sorts alongside the stolen data they posted online.
The group said the hack was revenge for false advertisements from the company. Namely, The Impact Team said AshleyMadison.com and Established Men offer a service that promises to completely wipe a user's profile information from the site, including site usage history and all personal profile information, for a $19 fee. However, the hackers say although the site promises all the information is completely deleted once a user pays the fee, they were still able to access some user information on the company's servers, such as names, addresses and purchase information.
The manifesto goes on to deliver a huge threat — the hackers demand that Avid Life Media shut down the sites AshleyMadison.com and Established Men completely and permanently, or they will release all customer information, including profiles, credit card information, and even nude pictures and details of some users' private sexual lives.
Avid Life Media reportedly told WIRED Magazine that they are "close" to identifying the hackers responsible, and told both WIRED and USA Today that since the breach, their sites have been re-secured. KOS reports that the company's CEO told them they have strong reason to believe one of the main hackers responsible for the breach may have been a former contractor who had access to the company's servers.
Avid Life Media has not given any clue as to whether it intends to give in to the hackers' demands and shut down their sites — but the hackers said they intend to release information on more users for each day AshleyMadison.com and Established Men stay up and running. The hackers say among the users whose information they stole are many "rich and powerful" people.
This is not the first such breach of sensitive, personal information from a dating or "hookup" website. The site AdultFriendFinder.com experienced a breach of its own systems just a few short months ago.