Millions of panicked Ashley Madison members and their suspicious spouses have crashed websites hosting the 'cheat sheet' of 37million users worldwide including more than a million Britons.
Several searchable databases of names and sexual fantasies linked the data hack had to shut down within minutes of going live because they could not cope with demand, MailOnline can reveal.
A series of world maps plotting where the Ashley Madison members live have also been plotted and posted online.
Hackers yesterday put millions of marriages at risk after they published the entire Ashley Madison database online, including names, addresses, credit card details and sexual fantasies.
Revealed: This is a new world map showing the locations of all the members of Ashley Madison cheaters outed by hackers - but most databases linked to the data have failed to cope with demand
New scandal: The Ashley Madison website promises its 37 million members worldwide complete 'anonymity' and has the motto: 'Life is short. Have an affair' - but all its users had their details leaked
At least a dozen searchable databases have been set up to allow people to check who was on the cheat list, but today only a small number appear to be still working.
One hacker said today: 'I created a database for the public to search but within two minutes after making it live it crashed' because of 'tons of hits'.
He said that he had wanted to allow people to see the list because it was 'karma for cheaters'.
It has also been reported that some criminals are also are tricking worried cheaters into outing themselves.
People are being warned not to use sites that demand a slew of personal details before offering them access to the database because they may be later blackmailed.
Bankers, civil servants, UN peacekeepers, firefighters, NHS staff, BBC journalists, police officers and even Vatican employees have been outed by the Impact Team because they are considered 'cheating dirtbags'.
Two staff at the Government's Porton Down lab where workers research chemical and biological weapons were also named in the file dump.
A married politician was among the millions of alleged users of an adultery website whose identities were revealed by hackers yesterday.
MP Michelle Thomson denied using the site as cyber attackers released the personal details of 37million members of Ashley Madison – a website for those seeking affairs.
Hackers claimed they had access to the names, email addresses, credit card details, naked photos and sexual preferences of alleged users – including civil servants, bankers, police and emergency service workers.
Some 1.2million members of the site are said to be British.
New names emerged overnight, including BBC Radio 1 DJ Scott Mills, who said it was 'hilarious' because he is gay and believes a fan may have signed him up.
The French leak monitoring firm CybelAngel said it counted 1,200 email addresses in the data dump with the .sa suffix, suggesting users were connected to Saudi Arabia, where adultery is punishable by death.
One wrote online under the title 'I May Get Stoned to Death for Gay Sex and wrote: 'I am from a country where homosexuality carries the death penalty.
'I BEG you all to spread this message. Perhaps the hackers will take notice of it, and then, I can tell them to (at the very least) exercise discretion in their information dump (i.e. leave the single gay arab guy out of it). As of now, I plan on leaving the Kingdom and never returning once I have the $ for a plane ticket. Though I have no place to go, no real friends, and no job.'
Wizards: Internet users have harnessed the data published yesterday to allow people to search, but they have failed to cope with demand
Victim: Married Edinburgh MP Michelle Thomson, pictured with Nicola Sturgeon ahead of the May election, said her identity was 'harvested' by hackers who falsely suggested she was an Ashley Madison member
Hoaxes: Radio 1 DJ Scott Mills and former prime minister Tony Blair are among the famous names who had fake accounts set up without their knowledge
But many of those named, including Mrs Thomson, said their email addresses had been stolen and used without their knowledge. Other email addresses were fakes, including one for former Labour prime minister Tony Blair.
Mrs Thomson, one of the Scottish National Party's newly-elected Westminster MPs, denied any contact with Ashley Madison, which had promised total anonymity to its clients and advertised using the slogan: 'Life is short. Have an affair.' The MP for Edinburgh West, a mother of two grown-up children, said her identity appeared to have been 'harvested' by the hackers, without her having ever used the site.
A British civil servant told MailOnline she was 'heartbroken' after being named by hackers as an Ashley Madison user.
The married woman said she must be the victim of a malicious enemy. The woman is among 124 British government workers named by hackers.
She said: 'I'm absolutely heartbroken. I'm married and would never do something like this. It must be malicious. I never knew I had enemies'.
Genuine users fear their cheating will be discovered after all their details and sexual fantasies were published.
Hackers from the Impact Squad posted the 9.7 gigabyte file called 'Time's Up!' on the dark web because they are 'cheating dirtbags' who 'do not deserve anonymity'.
One married engineer who joined because he wanted to have sex with women behind his wife's back told MailOnline: 'I am terrified my wife will find out'.
The American, who has asked not to be named, said: 'I went through a tough spot in my marriage and I signed up one night out of frustration.
'It was a whim. I would never have cheated on her.'
One Irish member named said he had set up an account and told MailOnline he is married but was 'inquisitive' about meeting other women.
He said: 'I did sign up but never used the account. I'm a bit annoyed to be honest - I set it up with the intention of using it but was unable to access it due to work restrictions.
'Now my details are all over the internet'.
Warning: Impact Team say Ashley Madison members should not have anonymity because they are 'cheating dirtbags' and deserve no such discretion' as they published the data in full
Set up: A 9.7 gigabyte data file has today been posted to the dark web claiming to have account details and log-ins and even credit card details of people who use the social networking site to have affairs
LOTS OF STAMINA, BLINDFOLDING... BUT A TOUCH OF GENTLENESS: WHAT ASHLEY MADISON USERS ARE LOOKING FOR FROM ILLICIT AFFAIRS
There's no doubt that those who log on to the Ashley Madison website are looking for a rather eclectic mix of qualities from their illicit affairs.
In a section on their profile, account holders can describe what they are 'looking for' by listing a series of numbers which correlate to a 60-strong list of detailed preferences in the bedroom.
Perhaps unsurprisingly, one of those most popular options chosen by users is number 45, which requests 'lots of stamina'. There is also much demand for 'blindfolding', while more confident users hoping to live out their Christian Grey fantasies can opt for number 50: 'Someone I can teach'.
In a section on their profile, account holders can describe what they are 'looking for' by listing a series of preferences in the bedroom, including 'erotic tickling' and 'dressing up/lingerie' (file picture)
Users can also reveal their preferred methods: erotic moves (number 34); erotic tickling (number 35); light, kinky fun (number 40) and experimenting with tantric sex (number 21). For those feeling a little experimental, they can select number 23 (which reads 'experimenting with sex toys') or 'dressing up/lingerie', which is listed as number 32.
Other items on the list include gentleness, bondage, fetishes, spanking, role play, sex talking and the ever-so-discreet option of 'good with your hands'.
Meanwhile, some users opt for transvestism, while others prefer aggressiveness. For those on the other end of the scale craving a bit of romance, there is the option of a 'bubble bath for two' (number 28) and 'cuddling and hugging' (number 29).
And for users who want a more straightforward arrangement, there is the ever-reliable number seven: conventional sex.
A second section then asks users to describe what they are 'open to', allowing them to delve further into their sexual fantasies.
Choices include a 'Don Juan' (number 1), a 'Boy Next Door' (number 47) and a 'Bad Boy' (number 36), while some even select the more perverse option of a 'father figure' (number 51). People can also request a 'Sugar Daddy' or a 'Sugar Baby'.
Users can also go into detail about what they want physically from the person, including tattoos, body piercings and 'casual jeans/t-shirt types'.
There are also options for tall height, short height, long hair, short hair and BBW - the abbreviation for Big Beautiful Women - as well as facial hair and a 'full-sized body'.
For those who are care about the personality of their sexual partner, there are those who can opt for 'hopeless and romantic,' while others can select 'relaxed and easygoing' and 'creative and adventurous'.
For some users, a 'secret love nest' is an important factors, while others request 'imagination' and a 'high sex drive' in the mix.
And for the more cautious, the popular selections are 'disease free' (number 55) and, for a website of this nature, the all-important number 11: discretion.
Ashley Madison was targeted by a hacking group called Impact Team last month, who condemned its members as 'cheating dirtbags' and threatened to release information unless the service was closed.
They have now made good on their threat and released the information in a mass 'data dump' on the internet. Personal details are said to belong to top businessmen, workers at the UN and the Vatican as well as university and college email addresses.
One banker's profile described himself as having a 'sex drive too high to handle', adding: 'I need someone who is more sexual. I need someone who is willing to try anything.'
Another man admitted he was married but said he was looking for a woman who liked 'kinky fun, erotic movies and dressing up'.
ASHLEY MADISON: HOW DOES THE CHEATING WEBSITE WORK?
Ashley Madison is astonishingly easy to use.
Free to join, new members are asked to provide a user name and blurred photograph - - the site will pixelate it for you or you can add a 'disguise', such as a mask.
Users then select what they're looking for, ranging from 'cyber affair/ erotic chat' to 'anything goes'.
It's open to single and attached users, though those who sign up are predominantly married. The majority are men.
Men then pay in 'credits'. The introductory package is £39 for 100 credits or £179 for an 'affair guarantee' membership of 1,000 credits. Five credits buys a message to another member and 30 gets you 30 minutes of live chat.
Women don't have to pay — a sensible incentive, given that 70 per cent of the site's profiles are male.
They can then send private messages, 'winks' to notify another user that you have viewed their profile or virtual gifts, normally sexual images, and chat via instant messenger when both members are online.
Many then meet for sex.
Mrs Thomson said hackers appeared to have used an old email address linked to her but said she had never used Ashley Madison or had any contact with its parent company Avid Life Media.
Her email appears in the raw data seen by the Daily Mail, but is marked as not validated and her profile does not include a photograph or any personal details, other than the message: 'Hi'.
She said: 'Having a personal email address linked to an account doesn't mean that person is really a user of Ashley Madison. Users are able to sign up to the site without responding to an email verification, meaning anyone's email address could have been used to create an account.'
Avid Life Media confirmed some of the hacked data had come from the site but said the 'vast majority' was not related to its website.
It was not clear how many of the hacked email addresses belonged to genuine website members, as it is possible to create an account using someone else's name and email and the site does not require verification of email addresses.
A councillor whose details were also dumped said he believed a disgruntled voter could have secretly set up an account in his name.
Divorce lawyers warned the hack could have disastrous consequences for marriages, even if no affair had taken place.
Elizabeth Hicks, a partner at legal firm Irwin Mitchell, said: 'While being on the list is obviously not proof of an affair, it is likely to erode the trust in the relationship.'
Ashley Madison had promised total discretion but senior staff reportedly raised concerns over security procedures in June.
Chief executive Noel Biderman had described the company's computer servers as 'kind of untouchable'. Avid Life Media, based in Canada, condemned the hack as 'an act of criminality' and said the FBI and police were investigating.
But in a statement posted with the hacked data, Impact Team attacked the 'fraud, deceit and stupidity' of the site and its members.
'Find yourself in here? It was ALM that failed you and lied to you.'
It added: 'Learn your lesson and make amends. Embarrassing now but you'll get over it.'
Tim Loughton MP, a member of the Home Affairs committee, said: 'This is very worrying on a number of fronts.
'If people in sensitive government positions are using government email addresses to register on such a sensitive website, then clearly it raises serious questions about their judgment.
'But if, as looks possible, government email accounts in what should be secure departments are this vulnerable to being hacked or impersonated, that raises its own serious security issues.'
Security analyst Graham Cluley told The Times: 'There's clearly a risk that individuals in public service could be the target of extortion as a result of this hack.
'There is a risk of blackmail because if you know someone might have been having an affair, or have discovered details of their sexual preferences, then you may have unexpected leverage over them.
'The silver lining is that Ashley Madison never forced users to verify their email addresses so it was easy for anyone to create an account using anybody's email.
'Even if your sexual peccadilloes have been exposed by the hack, there is some plausible deniability'.
WHAT DID THE HACKERS STEAL AND WHAT DATA HAVE THEY REVEALED?
Profile: This is a genuine profile of an American user of Ashley Madison, including her sexual preferences, although it has been put in this form by MailOnline for clarity
The hacking of Ashley Madison represents one of the biggest data breaches in online history, with the personal and most intimate details of users now published online.
Hackers have simply stolen all raw data about users and published them exactly as they appear on the website's database.
For example, the profile above purports to be for a woman from Arizona, in her twenties.
The leaked file on her reveals her account nickname, full name, date of birth address, zip code, phone numbers, email addresses, ethinicity, weight, height and even longitude and latitude of their home.
Users are also asked to set out what they are looking for, what kind of sexual partner they want and their sexual fantasies.
These are all numbered between 1 and 60, and an index explaining what these all mean have also been released by hackers.
The passwords of the users appear to be the only piece of information that was encrypted.
Security experts fear that this information could be abused by criminals willing to blackmail individuals or sell on their details.
James Maude, senior security engineer at Avecto said: 'A hidden danger here is the amount of data now out there and the impact this could have on areas such as national security, government policy and law enforcement.
'At first glance, it may look like the Ashley Madison data leak will cause nothing more than embarrassment. But this type of sensitive personal information can be used by criminals to generate serious leverage against an individual, when combined with details released from other attacks.
'It seems like Ashley Madison was cheating on its clients with a number of bad security and data storage practices. The breach shows employees using 'Password1234' and contains seven years of credit card transaction details. Researchers have verified that some of the credit cards are not only valid but still in daily use.
'Although the password for the accounts were stored in a way which makes wholesale decryption unlikely, it is entirely possible that a targeted attack on an individual account could crack the password. This could lead to the compromise of other accounts such as online banking or emails if a shared password was used.
No comments:
Post a Comment