Ashley Madison, a dating website for extramarital affairs, did not delete user data even after users paid a fee for a “Full Delete.” In July 2015, hackers have obtained the data and threatened to post it publicly. Our lawyers are now pursuing a class action against the parent company of Ashley Madison.
UPDATE: Hackers Post Stolen Ashley Madison User Data On Dark Web
August 19, 2015 — Hackers have dumped 9.7-gigabytes of data from 32 million Ashley Madison users on the dark web, including account information and credit card / payment transaction details for seven years dating back to 2007. Names, addresses, email addresses, and transaction amounts linked to credit card numbers were released. Click here to read more.
What is the problem?
Ashley Madison is a dating website for married people to find partners for extra-marital affairs, with the slogan “Life is short. Have an affair.” The website has been around since 2001 and about 37 million users worldwide.
Users can sign up for a free account, but they must pay $20 to have their profile deleted. Given the sensitive nature of the website, users have quite an incentive to delete their profiles. Some critics have called this “extortion.”
Hackers Steal Ashley Madison User Databases
In July 2015, hackers identified as “The Impact Team” claimed to have compromised user databases, financial records, and other information. They posted a few unlucky users’ information and threatened to release the rest unless Ashley Madison was taken offline by its parent company, Avid Life Media (ALM).
Was Private Information Ever Deleted?
In a manifesto, the hackers said they decided to publish the information because the website was lying to its customers.
Hackers said the “Full Delete” feature on Ashley Madison promises “removal of site usage history and personally identifiable information from the site.” However, purchase details including real names and addresses were never actually deleted, according to Ars Technica.
The hackers wrote:
“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie. Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”