On Tuesday, Ashley Madison, a website designed to help spouses cheat, announced that the “full delete” option for customers’ profiles will now be free, following a hack by a group called “The Impact Team” on Monday.
In the past, customers had to pay $19 in order to delete their personal information from the site. Because subscribers had to pay using their credit card, their names and addresses remained on the site’s server.
Hackers exposed the loophole when they accessed the names, credit card information, photos and chat history of some of the site’s 37 million users. Hackers revealed that the “full-delete” feature raked in a profit of $1.7 million for Avid Life Media, the corporation that owns Ashley Madison.
“It’s also a complete lie,” the hackers said in a manifesto they released after the hack. “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”
The company released a statement following the Ashley Madison hack on Monday:
At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act. Any and all parties responsible for this act of cyber–terrorism will be held responsible.
Ashley Madison’s CEO, Noel Biderman, believes whoever infiltrated the website might be a former contractor or someone with access to its technical services, he said in an interview with Krebs on Security, the news outlet that broke the original story.
“I’ve got their profile right in front of me, all their work credentials. It was definitely a person here that was not an employee but certainly had touched our technical services,” he said.
Video courtesy of: