The hack, first reported by security blog KrebsOnSecurity, has been claimed by a hacker or group of hackers, named “The Impact Team.”
The group claims to have infiltrated the private databases of Avid Life Media (ALM), the company that owns AshleyMadison, and other dating sites including Cougar Life and Established Men.
It is understood the hackers have accessed user profiles, financial records and even ALM salary information.
AshleyMadison currently has more than 33 million global users.
KrebsOnSecurity reports that ALM Chief Executive Noel Biderman confirmed the hack, and said the company was “working diligently and feverishly” to take down ALM’s intellectual property.
“We’re not denying this happened,” Biderman told KrebsOnSecurity.
“Like us or not, this is still a criminal act.”
Mr Biderman also said they were close to confirming who the “culprit” behind the hacking is in their internal investigation.
“We’re on the doorstep of [confirming] who we believe is the culprit, and unfortunately that may have triggered this mass publication,” he said.
“I’ve got their profile right in front of me, all their work credentials. It was definitely a person here that was not an employee but certainly had touched our technical services.”
The Impact Team hackers have posted some internal data from ALM online, and alleged that AshleyMadison’s “full delete” feature does not work. The feature that promises to entirely remove member profiles at a cost of $19.
In their online manifesto, The Impact Team hackers wrote: “Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie.”
“Users almost always pay with credit card; their purchase details are not removed as promised.”
The Impact Team also reportedly demanded that ALM take AshleyMadison and Established Men permanently offline, or customer records and profiles, including real names and ‘customers’ secret sexual fantasies would be exposed.
“Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails. The other websites may stay online,” the hackers wrote.
“Too bad for those men, they’re cheating dirtbags and deserve no such discretion,” the hackers also wrote.
“Too bad for ALM, you promised secrecy but didn’t deliver … And with over 37 million members, mostly from the US and Canada, a significant percentage of the population is about to have a very bad day, including many rich and powerful people.”
On ALM’s official website, AshleyMadison is described as the world’s largest website for married men and women looking to have a discreet affair.
“As Canada’s largest dotcom, Ashley Madison been recognised as industry leader with appearances on the Profit 500 three years running and has become the fastest growing married dating website in the world,” it also states.
In a statement to News Corp Australia, Avid Life Media confirmed they have “launched a thorough investigation utilising leading forensics experts and other security professionals to determine the origin, nature, and scope of this incident”.
While they have been able to secure their sites, and close the unauthorised access points, the statement said they apologise for the “unprovoked and criminal intrusion” into users’ information.
“We apologise for this unprovoked and criminal intrusion into our customers’ information. The current business world has proven to be one in which no company’s online assets are safe from cyber-vandalism, with Avid Life Media being only the latest among many companies to have been attacked, despite investing in the latest privacy and security technologies,” the statement also said.
“We are working with law enforcement agencies, which are investigating this criminal act. Any and all parties responsible for this act of cyber–terrorism will be held responsible.”