Ashley Madison says all leaked customer data removed - for now
Ashley Madison, the website that connects people looking to have extramarital affairs, claims it has wiped all leaked customer data from the internet after a hacker posted sensitive personal information about some of its 37 million customers online.
Avid Life Media (ALM), the Canadian company which operates the Ashley Madison website, told IBTimes UK in an emailed statement that it has used the Digital Millennium Copyright Act (DMCA) to force the removal of the highly sensitive information:
"Our team has now successfully removed the all posts related to this incident as well as all Personally Identifiable Information (PII) about our users published online. We have always had the confidentiality of our customers' information foremost in our minds and are pleased that the provisions included in the DMCA have been effective in addressing this matter."
Most customers whose personal information was compromised in the attack are unlikely to be entirely comforted by this statement, and will point out that their confidentially has already been compromised by the attack.
On Sunday (19 July) a hacker going by the moniker The Impact Team, published around 40MB of data taken from a much larger trove of information stolen from Ashley Madison's internal network, including customer databases. The leaked data was accompanied by a manifesto in which the hacker calls for ALM to take down the Ashley Madison website (as well as others operated by the company) for good.
The hacker warned that it this demand is not met, then customer information would be leaked online every day.
The company said that it was working with "one of the world's top IT security teams" and that its "team of forensics experts and security professionals, in addition to law enforcement, are continuing to investigate this incident and we will continue to provide updates as they become available".
Hacker's identity
In an interview with security researcher Brian Krebs, the company's CEO Noel Biderman indicated that he had already identified the person responsible for the attack: "We're on the doorstep of [confirming] who we believe is the culprit, and unfortunately that may have triggered this mass publication. I've got their profile right in front of me, all their work credentials. It was definitely a person here that was not an employee but certainly had touched our technical services."
The company has been quick to issue public responses to the security breach and says it will continue to update its customers on what is happening.
ALM announced in April that it would be seeking an initial public offering (IPO) in London later this year, but a customer data breach like this - considering the highly sensitive nature of the information in question - could be very harmful to its future plans.
The website, which connects married people looking to have an extramarital affair, has 37 million customers worldwide, with the vast majority of them located in the United States. In the UK there is said to be 1.2 million people registered with Ashley Madison.
The company's said the planned IPO hoped to raise $200m (£128.9m) to help fund its expansion into "the international market of adultery".
© Copyright IBTimes 2024. All rights reserved.