Who Hacked Ashley Madison? One Group Was Apparently Upset Over The $19 Account Deletion Service
Since news broke late on Sunday that a popular affair site had been hacked, one question has been looming overhead, taunting the public like some sort of horrible, noir-mystery novel title: Who hacked Ashley Madison? According to investigative journalist and security researcher Brian Krebs, who first broke the story, the group responsible for the massive data breach wasn't shy about announcing its presence, posting a ranting manifesto that claimed the company had been allegedly lying about the services provided under a $19 account deletion program offered to users looking for a full profile scrub. The team admitted to hacking two additional sites owned by parent company Avid Life Media (ALM) as well.
"Too bad for ALM, you promised secrecy but didn’t deliver," wrote the hackers, who identified themselves as the Impact Team, about the company's supposedly faulty "Full Delete" service, which offered subscribers the option to completely scrap all private information on the site for a modest fee. "We've got the complete set of profiles in our DB dumps, and we'll release them soon if Ashley Madison stays online."
ALM CEO Noel Biderman confirmed to Krebs on Sunday evening that the company had indeed been hacked, explaining that technical teams were "on the doorstep" of confirming the identity of those behind the breach and that there was "definitely a person here that was not an employee but certainly had touched our technical services."
Not much is currently known about the so-called Impact Team, except that they were pretty peeved about the whole "account deletion for money" scheme that Ashley Madison had been running for a few years. In 2014, tech website Ars Technica reported that the average Ashley Madison subscriber wasn't too pleased with the program either, citing a reader example from a client named "Rob Plant" who had allegedly used their services and tried to hide his old profile on his own, to no avail. Wrote Plant:
That seemed to be the general sentiment expressed by the Impact Team on Sunday as well. In its manifesto, the group continued:
So far, the Impact Team says it has collected sensitive data on over 37 million Ashley Madison users, as well as information stolen from similar hookup sites, Established Men and Cougar Life. The group was able to post a sampling of that data on Ashley Madison's site before it was taken down Sunday. More of that information, the Impact Team claimed, would be posted online unless the sites were taken down.
In a strange twist, the group apologized to ALM Director of Security Mark Steele, who the group said had done his job to the best of his ability — the Impact Team, they explained, just happened to be better:
Images: Getty Images (1)