Through a variety of websites, users who have signed up their email address for cheating website Ashley Madison can check if they are included in the database that was released by hackers.
The data that was stolen by a hacking attack on Ashley Madison was uploaded by the Impact Team, the hackers behind the infiltration, to the Dark Web through an Onion address. The database contains almost 10GB worth of private user data, which contains sensitive information such as names, email addresses, home addresses, credit card information, and even secret sexual fantasies.
The database was also released to torrent websites, leading to all the sensitive data now being searchable.
For users to check if their email address is included in the uploaded hacked database, websites that they can visit to do so include pages by cynic.al, Trustify, and Have I Been Pwned.
The cynic.al page for the Ashley Madison hack also mentions that there are around 36 million accounts included in the data dump by the hackers, which includes duplicate email addresses. Not all the email addresses are verified by the account owners, however, as it is possible that the email address was only added to the database but was never actually used after signing up to Ashley Madison.
The compromised information only includes email addresses that were input before July 11, which means that users who signed up after that date are not affected by the hacking attack.
"Avid Life Media has failed to take down Ashley Madison and Established Men," wrote the hackers in the introduction document for the data dump, with all the information now out in the open for the public to see.
Avid Life Media, the owner of Ashley Madison, said that it has increased security measures for its systems following the data breach. However, this would not be of much help for users who had their information extracted by the hackers and now released online.
However, Ashley Madison's founding chief technology officer Raja Bhatia claimed that the data dump is a fake one, with it being no more real compared to the previous attempts.
The biggest giveaway to the supposed inauthenticity of the data dump is that it includes credit card information. Ashley Madison does not request for such information from clients, Bhatia said.