Data: Ashley Madison
Sex, lies and security breaches
by Karlis Salna and Andrew Leeson
SYDNEY, Aug 20, 2015; AAP - The personal information of hundreds of government employees, including from the departments of defence and foreign affairs, have been exposed in a giant cache of data which hackers have sourced from the Ashley Madison dating service.
The hack, by a group calling itself Impact Team, has raised serious questions around security with experts warning it could expose government employees as well as private individuals to blackmail and extortion.
The files, released on the dark web and seen by AAP, are purported to include the email accounts of at least 800 government employees, both federal and state, who use the service which offers members the ability to arrange affairs.
The hack of infidelity dating site Ashley Madison left hundreds of thousands of people’s personal information exposed on the dark web. Together with then National Defence Reporter Karlis Salna I parsed the large dump of data for government emails which revealed a possible threat to Australia’s national security through potential blackmail and identity theft.
Accounts linked to employees from the federal departments of health, education and environment, from the ABC, and from the NSW Attorney-General's Department were included, as were many from defence and foreign affairs.
There were also dozens of accounts in the cache bearing email addresses purported to be associated with police officers from NSW, Victoria, Western Australia, South Australia and Queensland, including a senior officer.
The Queensland government said it was investigating how at least 44 public service email addresses appeared in the data.
The email addresses include those belonging to a detective, a regional councillor and a government official.
An account purported to be that of a navy officer who works in the area of "leadership and culture" was also in the almost 10 gigabytes of information.
The foreign affairs and defence departments have been contacted for comment.
Justice Minister Michael Keenan, in Jakarta for talks on security, said he was monitoring the fallout.
"This is an area that we need to look at I suppose, not just things like dating websites but obviously the security of government communications," he told AAP.
The dump of data on Wednesday comes after Impact Team threatened in July to release the information, claiming that users' details were not removed as promised.
"If you profit off the pain of others, whatever it takes, we will completely own you," the hackers said in a statement in July.
Canadian-based company Avid Life Media, which owns Ashley Madison, on Thursday continued to guarantee a "100 per cent discreet service" on its website.
The release of information also exposed the sexual fantasies of millions of users, and includes profile information and messages to would-be companions.
An account based in Sydney posted: "Hi there! I am looking for a deeper more inspiring, mutually satisfying level of intimacy. If you are so inclined, wink, wink!"
Another, from Kingswood in western Sydney, said: "Willing and able ... with much passion Aussie guy in Aus."
However, some of the individuals included in the files claimed they had been victims of identity fraud.
One Melbourne man, whose details were listed in the dump, told AAP his information had been stolen months ago.
"We cancel our cards every three weeks - that is the advice from the banks," he said.
Avid Life Media, which also owns a similar site called Established Men, said it had referred the matter to law enforcement agencies.
Last year, Ashley Madison claimed to have more than 17 million users in 26 countries.
The leak of personal data has left many victims reeling, but Slater and Gordon family lawyer Heather McKinnon say it's unlikely any damage claims will succeed.
"You would have to individually show that you had an injury," she said, which would be hard to argue in court if you were cheating.
More Data …
Stories below