Ashley Madison hackers were apparently so excited to take over their dating site after it became the center of a sex scandal that they hacked into a large number of thousands of users’ personal information, including dates, birthdays, and passwords.
But they were so caught off guard by the sudden explosion in activity that they apparently forgot to lock down the database they were using, The Guardian reported.
In an exclusive interview with Newsweek, the site’s founder, Noel Biderman, acknowledged that Ashley Madison’s database contained information that was not public, including personal details about members of the dating community, including their birthdays.
The hacker who breached Ashley Madison told the Guardian that he didn’t want to reveal the identity of the hacker because the information was already public.
But he said he had already stolen more than 300 million passwords from members’ accounts, and was working on the ability to access their identities through a software program.
Ashley Madison has since been hacked multiple times by hackers who gained access to its database.
In June 2016, an attacker gained access via the social networking site’s password reset feature and gained access again via a vulnerability in its software in October 2016.
In October 2017, a hacker broke into the site through a different vulnerability in the software and gained control of more than 200 million accounts.
The breach has not resulted in any user data being released, but it’s unclear whether the AshleyMadison hack is related to the 2016 hack or not.
Bidermans denial that AshleyMadison’s database was publicly available is at odds with recent reports that Ashley-Madison hackers were able to gain access to the site.
In November, hackers broke into a computer system at the Ashley-Catherine Harte Trust, a nonprofit organization that runs a dating site for gay and lesbian adults.
In that case, Ashley Madison also was compromised, but hackers had already used a software vulnerability to steal the user information and passwords of more 3.6 million people, according to the New York Times.
AshleyMadison has since taken steps to tighten up its security measures, including requiring members to log in to their account each month, encrypting their passwords, and limiting access to their sites through password-based security.
Ashley-Dates, the company that owns AshleyMadison, told Newsweek that the Ashley database had been encrypted in 2018 and that the hackers who broke into it had already been unsuccessful in getting into the database.
But Ashley-Ds website, which also houses other dating sites, said that its database was not affected.
“The Ashley-DNA database is not compromised,” Ashley-Davis said in a statement to Newsweek.
“There have been no breaches of our database.
Ashley was not hacked.”
In September, AshleyMadison released a statement saying that it had “identified and taken measures to mitigate any potential security risks” in its database, which has been updated regularly since then.