Hackers who stole a trove of sensitive data from AshleyMadison.com said “nobody was watching” as they scoured the infidelity website and vowed to release more emails from its executives, online technology website Motherboard reported on Friday.
The tech website said it was given a contact email address for the hackers, who call themselves the Impact Team, by an intermediary. The hackers replied with a message signed with the same signature and fingerprint, known as a PGP key, posted with the Ashley Madison data releases this week, Motherboard said.
“We were in Avid Life Media a long time to understand and get everything,” the website quoted the hackers as saying. “Nobody was watching. No security.”
David Kennedy, founder and security consultant at TrustedSec, said that the latest download, which was released with the warning “Time’s Up!”, appears to be authentic.
“We have explained the fraud, deceit and stupidity of ALM [Ashley Madison’s parent company Avid Life Media] and their members. Now everyone gets to see their data,” the hackers said in a statement.
Impact Team had threatened to publish names and nude photos and sexual fantasies of customers unless Ashley Madison and Established Men, another site owned by Avid Life Media were taken down.
Representatives of Avid Life Media could not immediately be reached for comment.
Cyber security experts said data dumps on Tuesday and Thursday by the group appeared to be genuine. Tuesday’s release had customer information that included U.S. government officials, British civil servants and high-level executives at European and North America corporations.
Motherboard reported that in its exchange with the hackers, they said they had 300 gigabytes of employee emails and internal documents, “tens of thousands of Ashley Madison users pictures” and user chat messages from the site. On Tuesday, hackers released 10 gigabytes of data.
Cyber security experts have said they expect more staged releases of sensitive information.