In July 2015, an unknown person or group calling itself "The Impact Team" announced that they had stolen user data of Ashley Madison, a commercial website billed as enabling extramarital affairs.
Because of the site's lack of adequate security and practice of not deleting personal information from its database – including real names, home addresses, search history and credit card transaction records – many users feared being publicly shamed.
Using the Digital Millennium Copyright Act (DMCA), our team has now successfully removed the posts related to this incident as well as all Personally Identifiable Information (PII) about our users published online.
[6] The information was released on BitTorrent in the form of a 10 gigabyte compressed archive; the link to it was posted on a dark web site only accessible via the anonymity network Tor.
In its message, the group blamed Avid Life Media, accusing the company of deceptive practices: "We have explained the fraud, deceit, and stupidity of ALM and their members.
[10] A second, more extensive, data dump occurred on 20 August 2015, the largest file of which comprised 12.7 gigabytes of corporate emails, including those of Noel Biderman, the CEO of Avid Life Media.
[14] Hackers allege that Avid Life Media received $1.7 million a year from people paying to shut down user profiles created on the site.
[14] Josh Duggar, a 27-year-old man who had become famous as a teenage member of a conservative Christian family featured on a reality television series named 19 Kids and Counting, was one notable user of Ashley Madison whose data was breached.
The news of the data release compounded his problems with revelations earlier that year about police reports of his sexual misconduct; on 20 August, he admitted he had been unfaithful to his wife.
[28][29] A variety of security researchers and internet privacy activists debated the media ethics of journalists reporting on the specifics of the data, such as the names of users revealed to be members.
[35] Carolyn Gregoire argued that "Social media has created an aggressive culture of public shaming in which individuals take it upon themselves to inflict psychological damage" and that more often than not, "the punishment goes beyond the scope of the crime.
[38] On 24 August 2015, Toronto police announced that two unconfirmed suicides had been linked to the data breach, in addition to "reports of hate crimes connected to the hack".
[44] In a 2019 interview, Ashley Madison's chief strategy officer Paul Keable confirmed the installment of security features like two-factor verification, PCI compliance and fully-encrypted browsing as a consequence of the hacker attack from 2015.