The Impact Team, which hacked extra-marital affairs website Ashley Madison, defended itself saying its intention behind the attack was to stop more people from falling prey to the "blackmailing" company. The hackers added that they did not try to blackmail users with the hacking attack.
In a Q&A over email with Joseph Cox, a contributor to technology news site Motherboard, the team confirmed that it started the hacking operation a long time ago, adding that it was easy for it to infiltrate into the company servers.
"Nobody was watching. No security. Only thing was segmented network. You could use Pass1234 from the internet to VPN to root on all servers," the team said, speaking about the website's security.
When asked about the motivations behind the hack, it said it wanted to prevent more consumers from signing up on the website, where human trafficking was allegedly taken place.
"We were in Avid Life Media a long time to understand and get everything. Finally we watched Ashley Madison signups growing and human trafficking on the sites. Everyone is saying 37 million! Blackmail users! We didn't blackmail users. Avid Life Media blackmailed them. But any hacking team could have. We did it to stop the next 60 million. Avid Life Media is like a drug dealer abusing addicts," the team said.
The hacking of Ashley Madison and its parent company Avid Life Media has affected more than 37 million site users. The operation has also led to the dumping of the alleged source code of the company's products onto the dark web. The hackers first released snippets of the data back in July, followed by 10GB of customer information and 20GB of internal data.
The hackers claim that they accessed all customer information databases, complete source code repositories, financial records, documentation and emails
Class action lawsuit
Avid Life Media was subsequently sued in a Canadian class action lawsuit for the breach of its customers' private information, and more lawsuits were expected over the matter.
"They make $100,000,000 in fraud a year. Not very surprised they didn't shut down. Maybe lawyers can shut them down now. They sound like politicians, cannot stop lying. They said they don't store CC [credit card information]. Sure, they don't store email either; they just log in every day to the server and read. They had password to CC processor. We dumped from CC processor," the hackers said.
They added that in future their targets will not be just websites. They may attack "any companies that make 100s of millions profiting off pain of others" and corrupt politicians.