AshleyMadison.com Hacked – Customer Service Lying To Members About Security

xl-2015-ashley-madison-2

by Deric Lostutter

We all know that AshleyMadison.com – the dating site who’s slogan is “life is short, have an affair” was recently compromised by a group of hackers calling themselves Impact Team

Ashley Madison released this statement pertaining to the unauthorized access of the site.

“We were recently made aware of an attempt by an unauthorized party to gain access to our systems. We immediately launched a thorough investigation utilizing leading forensics experts and other security professionals to determine the origin, nature, and scope of this incident.”

“We apologize for this unprovoked and criminal intrusion into our customers’ information. The current business world has proven to be one in which no company’s online assets are safe from cyber-vandalism, with Avid Life Media being only the latest among many companies to have been attacked, despite investing in the latest privacy and security technologies.”

“We have always had the confidentiality of our customers’ information foremost in our minds, and have had stringent security measures in place, including working with leading IT vendors from around the world. As other companies have experienced, these security measures have unfortunately not prevented this attack to our system.”

“At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act. Any and all parties responsible for this act of cyber–terrorism will be held responsible.”

Impact Team threatened to release all of the information of more than 30 million users if they didn’t take AshleyMadison.com and EstablishedMen offline. The hackers chose to release 2,500 records to show they mean business. The mirrors were taken down by use of the “Digital Millennium Copyright Act” or “DMCA” requests on behalf of Avid Life Media, the parent company of AshleyMadison. It is unclear just how much information Impact Team has obtained, but the information could include credit card numbers and other financial information.

Impact Team left this message behind:

“Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails. The other websites may stay online.”

Below is a snippet left behind by Impact Team verbatim:

AshleyMadison customer service has been slammed busy in their call centers, reassuring clients that their information is secure and that only 2 records were ever compromised – a claim that was obviously false due to the evident leak that they worked so hard to take offline. Some customers are even taking advantage of a “full delete” option that rolled out because of the hack, which AshleyMadison claims will remove all user information, however, they refuse to acknowledge if it also deletes the damning credit card transaction information associated with user profiles.

With AshleyMadison lying to it’s users, one can only be sure that information is safe in corporate hands, if you never give it to them in the first place.