2.7 lakh Indians at risk after cheating website Ashley Madison gets hacked: Report

The most recent website to be attacked by hackers has been cheating website Ashley Madison. Hackers who go by the name, ‘The Impact Team’ claim that to have personal details of more than 37 million cheating spouses and have threatened to release nude photos and sexual fantasies of the site’s clients unless it is shut down. The group had taken over Ashley Madison’s Canadian parent Avid Media systems, including customer databases, source code, financial records and emails, according to a screen grab shown on the KrebsOnSecurity blog. The hackers also demanded the closure of another of Avid Life Media’s sites, sugar-daddy site “Established Men”, but did not target the company’s “CougarLife” site, which caters for women members looking for “a young stud”. Out of the reported 37 million clients, a large number of Indians could also be at risk, post the cyber-attack. According to a report by Time of India , Avid Life Media has refused to elaborate on how many Indian users might get affected or, how many users from India have deleted their accounts after the breach. The website had a low-key launch in India back in January 2014. The report points out that within a few months, 2.75 lakh Indian users had signed up to use the service, without any marketing push as well. Seeing its gaining popularity, the company also had the idea to launch a Hindi version of the site. The hacking group states that, “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.” They also said that a “paid delete” function will not remove all information about a member’s profile and communications. Private information continues to remain online. The company says that the hacking group had also posted two random samples of profiles, one of which was of a user who had paid to delete his profile. Though, the report says that select documents from the company’s file servers, executives’ Google drives and emails that were dumped on websites such as gitlab, bitbucket, launchpad and imgur appear to have been removed. As of now, the dating website company has reportedly hired UK cybersecurity firm Sycura to investigate the breach and is working with police to trace those behind the attack. In an interview with KrebsOnSecurity , Avid Life Chief Executive Noel Biderman was cited as saying the company suspected someone who had access to internal networks as being behind the breach. The compromise comes less than two months after intruders stole and leaked online user data  on millions of accounts from AdultFriendFinder. The hackers had reportedly stole names, email addresses and information about the sexual orientation or habits of up to 4 million members.