Impact Team, the hackers that stole a massive amount of data from infidelity hookup site Ashley Madison earlier this week, have come forward to tell their side of the story. In an email Q&A with Motherboard, the hack's perpetrators first and foremost shamed Ashley Madison's parent company Avid Life Media for the lax security that made such a hack a surprisingly simple matter. "We worked hard to make fully undetectable attack [sic]," Impact Team said, "then got in and found nothing to bypass." The hackers further called the security levels "bad," saying that "nobody was watching" and there was "no security" to speak of. The fact that Ashley Madison isn't the most secure site out there isn't news, but it's still a bit shocking to see just how cavalier a site that makes its living trading on infidelity is about protecting customer info.
Other revelations include the extent of the data Impact Team was able to make off with -- the existing releases are just the tip of the iceberg, though the group says it isn't planning on releasing everything. The group has allegedly pulled 300GB of employee emails and internal documents as well as "tens of thousands" of Ashley Madison user pics. A whopping third of those pictures are supposedly "dick pics," but fortunately for the hacking victims, those pictures aren't going to be released. It sounds like the group doesn't plan to release most employee emails either, though some executives might not be so lucky.
Earlier today, Impact Team re-released yesterday's data because the file containing Avid Life Media CEO Noel Biderman's email was corrupted, though it looks like the latest release is similarly inaccessible. Whether or not we'll see more sensitive user information released remains to be seen -- the group says no further dumps are "guaranteed" at this point, but that's some language that certainly leaves things open for the future.
[Image credit: Carl Court / Getty Images]
Source: Motherboard (1), (2)
Tags: AshleyMadison, ashleymadisonhack, hack, impacteam