Hackers have published details of people that use adultery website Ashley Madison, it has been reported.
The data, which includes the email addresses of Ashley Madison users, was published on the dark web, meaning it could only be accessed via an encrypted browser known as Tor. However, some other websites have since duplicated the data.
Technology publication Wired said 9.7GB of data had been published, adding that it appeared to show member account details and credit card details that go back to 2007.
Specifically, the data dump contains the usernames, first names, last names, street addresses and more of some 33 million users. Partial credit card details have also been published, along with records documenting 9.6 million transactions and 36 million email addresses.
Over 100 official UK government email addresses have been found in the the Ashley Madison files. Also among the email addresses were more than 15,000 accounts created with US .mil or .gov email addresses.
The data also includes descriptions of what 64 members were looking for on Ashley Madison.
"I'm looking for someone who isn't happy at home or just bored and looking for some excitement," wrote one member, according to Wired. The same file contained an address in Ottawa and the name and phone number of someone who works for the Customs and Immigration Union in Canada. "I love it when I'm called and told I have 15 minutes to get to someplace where I'll be greeted at the door with a surprise maybe lingerie, nakedness. I like to ravish and be ravished I like lots of foreplay and stamina, fun, discretion, oral, even willingness to experiment*smile*"
Passwords featured in the leak are hashed using the secure bcrypt algorithm. The difficulty and cost of decrypting all the passwords in the database means they will likely remain encrypted, but any users of Ashley Madison that want to minimise the risk of being exposed should change their password and any duplicates.
Susan Moss, a divorce lawyer at Chemtob Moss and Forman in New York City said: "Here comes the Tsumani! With this release of data, every curious spouse is going to check to see if their partner is on this list. This will lead to an influx of more divorces or at the very least some very difficult conversations. My advice, the news always is better received if coming from the cheating spouse directly. Otherwise, I have seen these cases turn into wars."
It's possible that some users provided fake details when they signed up, including random numbers and addresses. However, files containing credit card transactions will show real names and addresses, unless users of the site provided anonymous pre-paid cards.
Sign up for Computerworld eNewsletters.