Ashley Madison hackers release data of 32 million users

After hacking Ashley Madison last month, attackers named the Impact Team, demanded the website's owners, Avid Life Media, take down it and its partner website Established Men.

Avid Life Media refused.

On Tuesday, the Impact Team announced on Reddit they were releasing 9.7GB of Ashley Madison user data – which appears legitimate. Names, addresses, email accounts and credit card transaction details of 32 million Ashley Madison users dating back to 2007 have been published. Whole credit card details were not released, only the last four digits. The data also included the type of experiences users were after.

Message released by the Impact Team

Avid Life Media's password encryption method was also revealed in the release. Passwords were secured using the bcrypt algorithm for PHP.

Robert Graham, CEO of security firm Erratasec, said despite the encryption, it was still likely only a matter of time before hackers would crack the passwords. Graham did praise Avid Media Life for at least encrypting user passwords when many other hacked websites clearly did not.

"We’re so used to seeing cleartext and MD5 hashes ... It’s refreshing to see bcrypt actually being used.”

Avid Life Media condemned the attack as a crime and not hacktivism in a statement.

Source: Wired

Report a problem with article
Previous Story

External graphics docks over USB/Thunderbolt are almost upon us

Next Story

VAIO to return to the U.S. market with the Z Canvas

86 Comments - Add comment

Advertisement