The World's Biggest Cheaters Website Got Hacked

Ashley Madison
Ashley Madison

Bad news: the very trustworthy-looking girl with her finger pressed to her lips is in fact not keeping your secrets safe.

If you're a member of AshleyMadison, the dating site that facilitates extramarital affairs, 1) Why...? and 2) You might want to come clean, because your information may currently be in the hands of hackers ready to expose your philandering ways to the world. Whoops!

The site, which boasts the very inspiring slogan "Life Is Short. Have An Affair," was reportedly hacked on Sunday by a hacker (or group of hackers) that goes by "The Impact Team," which may be the least-threatening hacker-group name ever. According to security blog KrebsonSecurity, the group reportedly invaded Avid Life Media -- the firm that owns AshleyMadison, Cougar Life, and Established Men -- and stole data including users' profiles, financial records, and other proprietary information. ALM Chief Executive Noel Biderman confirmed that hack to the blog on Sunday night, saying the company was working to recover the stolen data.

The Impact Team is no moral-driven group attempting to expose users because cheating is a sin. In a manifesto posted alongside a small portion of the stolen data (that has since been removed), the group said the hack was prompted by AshleyMadison's "Full Delete" feature, which promised to completely remove profile information for $19. The group claims that the service was a total lie, and purchase details (credit card info, names, addresses) were not removed.

So... kind of sounds like a tech-savvy reformed cheater was pissed he couldn't remove his profile. In its manifesto, the group demanded that AshleyMadison be shut down permanently or it would release "all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails." Cougar Life and Established Men were to go unharmed, likely because it's users' lives were in enough shambles as is.

In a statement, ALM said it removed all published user information, and was still investigating the incident. But for now, it's probably best to cheat the old-fashioned, face-to-face way. Or -- just throwing this idea out there -- you could just not do it at all...?

Updated - July 20th, 12:30pm: ALM has released the following updated statement: "At this time, we have been able to secure our sites, and close the unauthorized access points... the 'paid-delete' option offered by AshleyMadison.com does in fact remove all information related to a member’s profile and communications activity... As our customers’ privacy is of the utmost concern to us, we are now offering our full-delete option free to any member, in light of today’s news."

Lucy Meilus is a staff writer for Thrillist and is considering naming her first born Ashley Madison. Follow her on Twitter at @Lucymeilus and send news tips to news@thrillist.com.