Ashley Madison leak wreaks havoc
Reputations and love lives may be at risk after the release of customer data from infidelity Web site Ashley Madison, an unprecedented breach of privacy likely to rattle users' attitudes towards the Internet.
Hackers dumped a big cache of data containing millions of e-mail addresses for US government officials, UK civil servants and high-level executives at European and North American corporations late on Tuesday, the latest massive cyber attack to draw attention to concerns about Internet security and data protection. An estimated 175 000 South Africans were also reportedly exposed.
The attack has dealt a heavy blow to Toronto-based assignation Web site firm Avid Life Media, which owns Ashley Madison and has indefinitely postponed the adultery site's IPO plans. But many professions stand to benefit from the unfolding saga, including lawyers, therapists and cyber security firms.
Prominent divorce lawyer Raoul Felder said the release is the best thing to happen to his profession since the seventh Commandment forbade adultery in the Bible. "I've never had anything like this before," he said.
The data dump began to make good on the hackers' threat last month to leak nude photos, sexual fantasies, real names, and credit card information for as many as 37 million customers worldwide of Ashley Madison. Essentially a dating Web site for extramarital affairs, it uses the slogan: "Life is short. Have an affair."
The public embarrassment and emotional toll is likely to be enormous on unsuspecting people whose extra-marital affairs may have been exposed on the Web or even whose e-mail addresses were used without their knowledge to sign up for the site.
"These poor people will be dealing with it in such a public way. It will be absolutely devastating," said Michele Weiner Davis, marriage therapist in Colorado and author of Divorce Busting.
For the partners of disloyal spouses, the initial shock will likely turn to anger and then a deep feeling of hurt and betrayal, she said. "It's no picnic for the unfaithful partner either."
Ashley Madison members would likely be best served by coming clean instead of waiting to see if their indiscretion is discovered, said Dr B Janet Hibbs, a psychologist and couples therapist in Philadelphia.
"Fall on your sword if you want to save your relationship," she said. "Be prepared for them to ask a lot of questions, to not be defensive, to be compassionate."
The data release could have severe consequences for US service members if found to be real. Several tech Web sites reported more than 15 000 e-mail addresses were government and military ones.
Adultery, under certain criteria including the misuse of government time and resources, is a crime in the US armed forces and can lead to dishonourable discharge or imprisonment.
The hackers' move to identify members of Ashley Madison seemed aimed at maximum damage to the company, which also runs Web sites such as Cougarlife.com and EstablishedMen.com, causing public embarrassment to its members, rather than financial gain.
"Find yourself in here?" said the group, which calls itself the Impact Team, in a statement alongside the data dump. "It was [Avid Life Media] that failed you and lied to you. Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you'll get over it."
Twitter was abuzz, with "hack" trending in fourth place. Most comments expressed horror that people's identities were exposed and many were astonished people had apparently used their work e-mail addresses to sign up to the site.
It is not clear how many of the clients are legitimate, as users do not have to verify their e-mail address as their own when they sign up.
The lists were dumped on the "dark Web", which is only accessible using a specialised browser, but the database was being decrypted and made more widely available.
Hundreds of the e-mail addresses listed online were linked to Harvard and Yale, but the Ivy League universities did not respond to requests for comment as to whether they were providing support or counselling to the people exposed.
A British parliamentarian whose e-mail address was included on the list said it had been stolen and used without her knowledge, adding weight to the argument that inclusion does not necessarily implicate individuals.
Still, the privacy intrusion has likely given people a jolt, making them question the data they have stored on the Internet and its potential consequences.
The financial impact for clients will be less of a factor compared with previous, bigger breaches ? Ashley Madison said on Wednesday that current or past members' full credit card numbers were not stolen and the company has not stored members' full numbers.
For Avid Life Media, questions remained about whether more data will be released and how its business can go on while the US Federal Bureau of Investigation and Canadian police investigate what the company believes was an inside job.
Lawyers speculated whether any aggrieved members would launch legal action against the company, which claims to be the world's second-largest dating Web site behind Match.com, owned by IAC/InterActive.
Avid Life values itself at $1 billion and reported revenue of $115 million in 2014, up 45% from the preceding year.
"It's a pretty severe blow," said a banker familiar with the company, who was not authorised to speak publicly about the topic. "If any business needed privacy, it would be them. Now they've lost it."