Ashley Madison posts $500k reward for hacker info, police call for hacker help

Avid Life Media (ALM), the parent of hacked dating site Ashley Madison, has offered a CAD $500,000 (AUD $524,764) reward for information leading to the Impact Team hackers.

The offer was revealed by Toronto Police superintendent Bryce Evans at a press conference in Toronto broadcasted on YouTube on Monday. It came amid the first unconfirmed suicides that may be linked to the leaked database.

“As of this morning we have two unconfirmed reports of suicides that are associated because of the leak of Ashley Madison’s customer profiles,” said Evans.

Evans appealed to “the hacking community” to come forward with information they may have gleaned on the ‘dark web’ where Impact Team leaked Ashley Madison database of over 30 million users last week.

“To the hacking community who engage on discussions on the dark web and who no doubt have information that could assist in this investigation, we are also appealing to you to do the right thing… You know the Impact Team has crossed the line,” said Evans.

Detective John Menard, from Toronto Police’s technological crime unit, clarified it was looking for help from “white hackers”.

“You’re looking at the Impact Team who are sort of operating in the dark web and areas of the internet that we don’t necessarily police on a daily basis,” said Menard who described the attack as “very sophisticated”.

As of last week the US Department of Homeland Security and the FBI have also joined the investigation alongside Canada’s Ministry of the Attorney Generals Criminal Law Office and the Royal Canadian Mounted Police.

Evans also revealed Avid Life Media discovered the breach on July 12 after employees arrived at work and turned on their computers to find “a threatening message” pop up on their screens “accompanied by the song Thunderstruck by AC/DC”.

ALM confirmed the breach to the public on July 19 after Team Impact leaked portions of the files. Today’s plea for help comes a month after ALM chief Noel Biderman said it was near to confirming who it believed the culprit was.

Evans said there was no criminal wrongdoing by ALM and that it would conduct a “vigorous and thorough” investigation despite people who take offence to Ashley Madison.

The Ashley Madison hack is seen as a landmark breach due to the sheer volume of personal records exposed and the fact they’re linked to a hook-up site dedicated to married people.

Australian security researcher Tory Hunt, who runs the haveibeenpwned breached password checker, said he’d been “inundated with email” from people affected by the leak and that they weren’t concerned about exposed financial information despite that being the focus of Avid Life Media’s statements to date.

Read more: The week in security: Hackers hack the hackers as Hacking Team falls

Evans gave a similar assessment of the breach, distinguishing from hacktivist attacks on government websites or stolen credit card data.

“This type of a hack is different to most because the previous ones we’ve witnessed… This one has victimised innocent people through a company’s profile,” he said.

The leaked list has also given rise to a number of scams aimed at blackmailing victims of the breach. Evans pointed to examples of emailed threats to expose users to their families via Facebook unless they paid $300 in Bitcoin. He also warned against paying for services that offer to purge exposed profiles from the web.

“Multiple sites are now been downloaded and they are present. Nobody is going to be able to erase that information,” he said.

“We now have hate crimes that are a result of this," Evans continued. “This is not the fun and games that have been portrayed [in the media]… This is reality, this is affecting all of us.”

Want to know more?

Why not become a CSO member and subscribe to CSO's mailing list. 

Get newsletters, updates, events and more right here

Join the CSO newsletter!

Error: Please check your email address.

Tags Toronto Policehacker infohaveibeenpwned breachedAshley MadisonCSO AustraliaAttorney Generals Criminal Law OfficeyoutubeBitcoinJohn MenardFacebookAvid Life Media (ALM)hacker helpTeam hackersdata leak

More about AvidCSOFacebookFBI

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts