Hackers threaten to leak Ashley Madison's 37 million clients

July 20, 2015 7:30 AM

The hackers also demanded the closure of another of Avid Life Media's sites, sugar-daddy site "Established Men", but did not target the company's "CougarLife" site, which caters for women members looking for "a young stud"

Hackers threaten to leak Ashley Madison's 37 million clients

Hackers claim to have personal details of more than 37 million cheating spouses on dating website Ashley Madison and have threatened to release nude photos and sexual fantasies of the site's clients unless it is shut down, blog KrebsOnSecurity reported.

Ashley Madison's Canadian parent, Avid Life Media, confirmed the breach on its systems and said it had since secured its site and was working with law enforcement agencies to try to trace those behind the attack.

The hackers, who call themselves The Impact Team, leaked snippets of the compromised data online and warned they would release customers' real names, profiles, nude photos, credit card details and "secret sexual fantasies" unless their demands were met, Krebs said.

The hackers also demanded the closure of another of Avid Life Media's sites, sugar-daddy site "Established Men", but did not target the company's "CougarLife" site, which caters for women members looking for "a young stud".

Ashley Madison, which uses the slogan "Life is short. Have an affair", has been planning to raise up to $200 million through an intial public offering on the London Stock Exchange.

The breach comes about two months after dating site Adult FriendFinder was compromised. That site has an estimated 64 million members.

The Impact Team, in a screen grab showing on the Krebs blog, say it had taken over Avid Media systems including customer databases, source code, financial records and emails.

"Shutting down AM (Ashley Madison) and EM (Established Men) will cost you, but non-compliance will cost you more," the hackers said.

They said users who had paid a fee to Avid Life to have their personal data permanently deleted had been lied to and the company had retained records, including credit card information.