Impact Team Leaks Ashley Madison Data, What You Need to Know

In July a group of hackers calling themselves the Impact Team threatened to release private information about the 37 million Ashley Madison users, and sensitive information about employees of Avid Life Media. Earlier in the week Impact Team began to release the information, as promised, in a series of waves throughout the week.


When Impact Team went to Ashley Madison about the situation, they really only had one demand: they wanted Avid Life Media, the parent company, to shut down both Ashley Madison and another site they owned called Established Men, a site that helped younger women connect with well-to-do men in hopes of establishing a sugar daddy type relationship. In essence, they wanted Avid Life Media to close shop. Unsurprisingly, the CEO of Avid Life Media said, in more words, “no.”

On Tuesday the Impact Team released almost ten gigabytes of data, which included things like names, addresses, phone numbers, email addresses, usernames, and passwords of 37 million Ashley Madison users. What’s worse is that the hackers also released information about the users’ sexual preferences, and what types of partners they were seeking.


Ashley Madison didn’t require real names and addresses to sign up for an account, so it’s not known how much of the data is actually legit. Alarmingly, there were almost 15,000 government issued emails found in the data. Whether these emails were used by someone other than the actual email owners or if that many government employees had the audacity to use their work email when signing up for the site also remains unknown.

Mixed in with all of the above information were millions of credit card transactions which did require users to provide a real name and address associated with the card. Full credit card numbers were omitted from the dump, but the names and addresses of these cards were published in the dump. This last bit is an unfortunate oversight on the part of the hackers since they have no way of knowing how many of these transactions were committed through credit card fraud.


Repercussions of the attack will likely have an everlasting effect on everyone involved. The 37 million users who had their lives and privacy invaded will likely see their lives forever changed if their spouse is savvy enough to know how to look them up and find them. But, they were also participants on a website devoted to helping them cheat on partners. Anyone who wants an easy way to search through the database of leaked information can visit Trustify, and perform a simple search for whomever they’re looking for. Some spouses may choose to remain in the dark, which is a completely understandable choice, some marriage may end in divorce (also understandable), but then there is another question that remains to be answered: what about users who used their work email to sign up to the site?

In an interview with Indystar, president of HR Dimension Mark McNutty says, “It’s a really gray area. To some extent it’s new territory. I can’t think much of a precedent in this.”

Repercussions for the company have already started filing in. There are currently two Canadian law firms that are suing Avid Life Media for $578m due to data breach. Meanwhile, Noel Biderman, CEO of Ashley Madison, is sticking to his guns, and has even stated that while he doesn’t cheat, he believes it’s only natural.

Of course, this hacking ordeal (and many others) forces consumers to wonder if any company truly cares enough to keep their users’ data safe from hackers.


In a recent interview with The Star, Ajay Sood, general manager for the Canadian arm of Mandiant, said that he believes it’s unlikely that the Impact Team will ever be caught. He calls it “cyber vigilantism, and said that it’s difficult to catch cyber criminals in general, but this case is unique because the group aren’t able to be traced to other acts of criminal activity since they’ve only been involved with the Ashley Madison hack.

“I don’t want to sound pessimistic, but it tends to be not too common,” said Sood when asked about catching the culprits involved in the Ashley Madison hack.