fb-pixel Skip to main content

Hackers expose millions on cheating site; some in US government

A day of dread for 39 million users of Ashley Madison website

Hackers say they dumped 9.7 gigabytes of data into the dark Web. GETTY IMAGES

LONDON — Hackers say they have exposed unfaithful partners across the world, posting what they said were the personal details of millions of people registered with cheating website Ashley Madison.

A message posted by the hackers alongside their massive trove accused Ashley Madison’s owners of deceit and incompetence and said the company had refused to bow to their demands to close the site.

‘‘Now everyone gets to see their data,’’ the statement said.

Ashley Madison has long courted attention with its claim to be the Internet’s leading facilitator of extramarital liaisons, boasting of having nearly 39 million members and that ‘‘thousands of cheating wives and cheating husbands sign up every day looking for an affair.’’


Its owner, Toronto-based Avid Life Media Inc., which has acknowledged suffering an electronic break-in, said in a statement Tuesday it was investigating the hackers’ assertion. US and Canadian law enforcement are involved in the probe, the company said.

The Associated Press wasn’t immediately able to determine the authenticity of the leaked files, although many analysts who have scanned the data believe it is genuine.

TrustedSec chief executive Dave Kennedy said the information dump included full names, passwords, street addresses, credit card information, and ‘‘an extensive amount of internal data.’’ In a separate blog, Errata Security chief executive Rob Graham said the information released included details such as users’ height, weight, and GPS coordinates. He said men outnumbered women on the service five to one.

Avid Life Media declined to comment Wednesday beyond its statement. The hackers also didn’t immediately return e-mails.

The prospect of millions of adulterous partners being publicly shamed drew widespread attention, but the sheer size of the database — and the technical savvy needed to navigate it — means it’s unlikely to lead to an immediate rush to divorce courts.

‘‘Unless this Ashley Madison information becomes very easily accessible and searchable, I think it is unlikely that anyone but the most paranoid or suspecting spouses will bother to seek out this information,’’ New York divorce attorney Michael DiFalco said in an e-mail. ‘‘There are much simpler ways to confirm their suspicions.’’


Although many users may have signed up out of curiosity and some have little more to fear than embarrassment, the consequences for others could reverberate beyond their marriages. The French leak monitoring firm CybelAngel said it counted 1,200 e-mail addresses in the data dump with the .sa suffix, suggesting users were connected to Saudi Arabia, where adultery is punishable by death.

CybelAngel also said it counted some 15,000 .gov or .mil addresses in the dump, suggesting that American soldiers, sailors, and government employees had opened themselves up to possible blackmail. Using a government e-mail to register for an adultery website may seem foolish, but Cybel-Angel executive Damien Damuseau said there was a certain logic to it. Using a professional address, he said, keeps the messages out of personal accounts ‘‘where their partner might see them.’’

‘‘It’s not that dumb,’’ Damuseau said.

How many of the people registered with Ashley Madison actually used the site to seek sex outside their marriage is an unresolved question. But whatever the final number, the breach is still a humbling moment for Ashley Madison, which had made discretion a key selling point. In a television interview last year, chief executive Noel Biderman described the company’s servers as ‘‘kind of untouchable.’’