Advertisement

Hackers dump more Ashley Madison user data online: report

WATCH ABOVE: Ashley Madison hackers release personal information of extra-marital website’s users.

UPDATE (Aug. 21): According to researchers who have been pouring over the latest leak, the data appears to include source code for Ashley Madison’s websites.

The leak also appears to contain a compressed file which may include CEO Noel Biderman’s emails – however, experts say that file is corrupt.

“The dump appears to contain all of the CEO – Noel’s business/corporate emails, source code for all of their websites, mobile applications, and more,” said researchers with security firm TrustedSec.

“Note that we do not plan on performing analysis on the actual files due to the sensitivity of the dump however, it does appear to be legitimate like the other dump.”

While this latest dump may not contain much more information about Ashley Madison users, TrustedSec points out that the latest dump could be quite dangerous for the website itself.

Story continues below advertisement

“Interesting enough – if this turns out to be legitimate which it in all aspects appears to be – having full source code to these websites means that other hacker groups now have the ability to find new flaws in Avid Life’s websites, and further compromise them more,” read TrustedSec’s blog.

——

TORONTO – Hackers behind the Ashley Madison data breach have reportedly dumped more user data online.

According to a report by Vice magazine, the hackers – who call themselves Impact Team – have allegedly released a new file, double the size of the previous dump which made headlines earlier this week.

The alleged data dump was published to the same dark web site as the previous release. The website is accessible only through specific web browsers.

According to Vice, a message posted along with the file read, “Hey Noel, you can admit it’s real now,” presumably directed to Ashley Madison parent company Avid Life Media’s CEO Noel Biderman.

On Tuesday it was reported that hackers dumped nearly 10 gigabytes of data online, allegedly containing account details and log-ins for some 32 million users of the affair facilitating website. Many media outlets, including Global News, have since been combing through that data to confirm is authenticity.

Story continues below advertisement

EXCLUSIVE: RCMP, military email addresses in Canadian Ashley Madison data

Global News has not determined the authenticity of the latest documents – however, Vice reported that the new file is just under 20 gigabytes in size.

The report noted that the information appears to include more Ashley Madison internal data rather than customer information.

Avid Life Media has not confirmed the authenticity of any of the leaked data so far, but called the attack “an act of criminality” in a statement issued Tuesday.

“We have now learned that the individual or individuals responsible for this attack claim to have released more of the stolen data,” it read.

In an interview with security journalist Brian Krebs, Raja Bhatia, Ashley Madison’s former chief technology officer, disputed the legitimacy of the leaked data.

He noted that there have been many supposed data dumps since hackers initially released some user data on July 19. However, he claimed many of those dumps included data from the initial leak and a mix of data taken from other sources.

However, many security researchers believe the information is authentic.

READ MORE: What we know about the Ashley Madison data dump

Security expert Graham Cluley pointed out that Ashley Madison doesn’t require users to verify their email addresses when they’ve signed up for the service.

Story continues below advertisement

“So, I could have created an account at Ashley Madison with the address of barack.obama@whitehouse.gov, but it wouldn’t have meant that Obama was a user of the site,” Cluley wrote in a blog post.