Ashley Madison hack is not only real, it’s worse than we thought

Ars Technica 2015-08-19

The massive leak attributed to the hackers who rooted to the Ashley Madison dating website for cheaters has been confirmed to be genuine. As if that wasn't bad enough, the 10 gigabytes of data—compressed, no less—is far more wide ranging than almost anyone could have imagined.

Researchers are still poring over the unusually large dump, but already they say it includes user names, first and last names, and hashed passwords for 33 million accounts, partial credit card data, street names, and phone numbers for huge numbers of users, records documenting 9.6 million transactions, and 36 million email addresses. While much of the data is sure to correspond to anonymous burner accounts, it's a likely bet many of them belong to real people who visited the site for clandestine encounters. For what it's worth, more than 15,000 of the e-mail addresses are hosted by US government and military servers using the .gov and .mil top-level domains.

The leak also includes PayPal accounts used by Ashley Madison executives, Windows domain credentials for employees, and a large number of proprietary internal documents. Also found: huge numbers of internal documents, memos, org charts, contracts, sales techniques, and more.

Read 5 remaining paragraphs | Comments