Thousands of users of the extramarital affair website Ashley Madison paid to have their personal data deleted — only to have that data retained, stolen by hackers, and posted online. Our lawyers are pursuing a class action lawsuit against the website’s parent company, Avid Life Media (ALM).
UPDATE: 10 Gigs of Ashley Madison User Data Dumped on Dark Web
August 19, 2015 — Hackers have dumped 9.7-gigabytes of data from 32 million Ashley Madison users on the dark web, including account information (log-in, name, address, and phone number), descriptions of what members were seeking, encrypted passwords, and credit card / payment transaction details for seven years dating back to 2007. No credit card numbers were released, but names, addresses, email addresses, and transaction amounts linked to those numbers were released. Click here to read more.
What is Ashley Madison?
Ashley Madison is a niche dating site for married adults who want discreet extramarital affairs, with the slogan “Life is short. Have an affair.” Ashley Madison boasts 37 million users worldwide and has been online since 2001.
Was “Full Delete” a Lie?
Anyone can sign up for a free membership on Ashley Madison, but when they try to delete an account, they are directed to pay $20 for a “Full Delete.” After users pay the money, Ashley Madison did not actually delete the information — leaving full names and addresses vulnerable to hackers, according to Ars Technica.
Hackers Threaten to Release “Secret Sexual Fantasies” of Ashley Madison Users
In July 2015, a hacking group identified as “The Impact Team” compromised user databases, financial records, and other information from Ashley Madison.
After posting a few unlucky users’ data, the hackers threatened to post “secret sexual fantasies and matching credit card transactions, real names and addresses” unless Ashley Madison was taken offline.
According to the hackers:
“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie. Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”