Ashley Madison Hack: What We Know About the Group Behind It
"Impact Team" has an apparent vendetta against adultery website.
-- Going by the name "Impact Team," the person or group behind the Ashley Madison hack and data dump appears to have been motivated by a disagreement with the company's business practices and apparent disdain for a website that boasts the tagline "life is short, have an affair."
Dumping nearly 10 GB of information online this week, including the names, email addresses and sexual preferences of members, among other pieces of information, the Impact Team followed through on a threat posted last month that it would release the information unless the website was taken down.
While little is known about the Impact Team, initial data released on the "dark Web" -- an area requiring special anonymizing tools to gain access -- last month by the group included a statement explaining the apparent motivations for targeting the site's owner, Avid Life Media, demanding Ashley Madison be taken offline or suffer the consequence of a data dump.
The hack was spurred by a disagreement with Avid Life Media's business practices, specifically a "full delete" feature, according to a statement posted by the group last month and shared by popular security researcher Brian Krebs on his blog. For $19, the company allows repentant cheaters to scrub their information from the website.
"Full Delete netted ALM $1.7mm in revenue in 2014. It's also a complete lie," the Impact Team wrote in its statement. "Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed."
Business practices aside, the hacker or hackers also had another message: "Too bad for those men, they're cheating dirtbags and deserve no such discretion...Too bad for ALM, you promised secrecy but didn't deliver."
A trove of data purporting to belong to members of Ashley Madison was posted on the dark Web this week -- one month after Avid Life Media confirmed a "criminal intrusion" into its system.
The company said it does not store full credit card numbers so any information claiming to include this information would be erroneous. It's also important to note that Ashley Madison users aren't required to verify their email addresses, meaning some found in the dump may have been hijacked by Ashley Madison users seeking to keep their actual email addresses off their accounts.
Avid Life Media said in a statement that the company is working with the FBI, the Royal Canadian Mounted Police, the Ontario Provincial Police and the Toronto Police Services, along with independent security experts, to investigate the hacker or hackers.
"We know that there are people out there who know one or more of these individuals, and we invite them to come forward," a statement posted on the company's website said. "While we are confident that the authorities will identify and prosecute each of them to the fullest extent of the law, we also know there are individuals out there who can help to make this happen faster."