Is your e-mail address in the leaked list of Ashley Madison members?
Last week, personal information belonging to more than 32 million members of the adultery website was leaked online by hackers.
The New Paper combed through the large data dump and found 4,751 e-mail addresses with the “.sg” suffix, which indicates a Singapore domain address.
Examples of such addresses include yahoo.com.sg or live.com.sg addresses.
These addresses are said to be registered with Ashley Madison, whose tagline is “Life is short. Have an affair”.
These e-mail addresses also included 38 “.edu.sg” e-mails, which typically belong to students, teachers and faculty members of local education institutions.
An MOE spokesman told TNP: “MOE will check the veracity of the e-mail accounts being used. If there are breaches of regulations or inappropriate conduct that undermines the values expected of our educators, we will take appropriate action.”
It is likely there are more Singapore e-mail addresses in the leaked data because many people here have e-mail addresses without the “.sg” suffix, such as Gmail and Hotmail.
The leaked data, which was about 9.7GB in size, can be downloaded by anyone. But it is hosted on the “dark Web” that is not easily accessible.
In the US and Canada, the data leak has had wide-ranging consequences.
The hack has reportedly led to two suicides, said Canadian Police.
“Spin-off” crimes including extortion, blackmail and online scams have also been attributed to the leak.
Some websites claim to provide access to the data and also offer to delete data from the web for a hefty fee of US$230 (S$322).
One of the more high-profile users who has been exposed on the site is conservative US reality TV star Josh Duggar from 19 Kids And Counting.
In Singapore, where Ashley Madison was banned from launching a local website in November 2013 over its attack on “family values and public morality”, the response to the leak has been tepid.
An online forum has claimed to identify two senior lawyers purported to be members of the site, but not much else has been said about people here who may have been involved.
E-mail addresses used to register with the site are not verified, which means the owners of these e-mail addresses need not necessarily be users of the site.
The work e-mail address of an educator in an international school here was on the leaked list.
However, when contacted, a spokesman said the e-mail, while functional, is not the educator’s actual work e-mail address.
REDIRECTED
She said: “(The educator) does not have access to the e-mail (address) listed on the site.
“Any e-mails sent to that address are immediately redirected to the school’s main account.”
Mr Justin Tan, an associate lawyer at Trident Law Corporation, said it is illegal to use someone else’s e-mail address to register for services.
He said: “Using someone else’s e-mail address without their knowledge or authorisation is possibly an offence under the Computer Misuse and Cybersecurity Act.”
Some e-mail addresses listed on the site are also said to be fake.
Ashley Madison does not require valid e-mail addresses.
TNP also discovered two “.gov.sg” e-mail addresses, one of which bore the “cpib.gov.sg” domain.
But a spokesman for the Corrupt Practices Investigation Bureau (CPIB) clarified that the address did not exist in its system.
CNN reported that more than 15,000 e-mail addresses listed in the data dump were government and military agencies, some of which were proven to be real.
Human resource experts noted that using your work e-mail addresses for personal use is generally frowned upon.
Ms Linda Teo, the country manager for ManpowerGroup Singapore, said: “Strictly speaking, company or work e-mail addresses should not be used to access personal sites.”
Experts also said that if employees were found to have been looking for affairs on the site, it could affect their standing within the company.
Mr Erman Tan,president of the Singapore Human Resources Institute, saidmost companies tend to draw a line between an employee’s personal and professional life.
“If it is found that your personal affairs affect your work, you can get fired,” said Mr Tan.
Fishing for partners? There’s always a catch
Hi. My name is Charlie.
I have black hair and brown eyes, and I look a little like a demented serial killer (in a charming kind of way).
More importantly, I’m looking to hook up with a girl. Any girl.
Oh, did I mention that I’m married? Even better, you say?
Obviously, none of the above is true apart from me being married. That was my story when I signed up for an Ashley Madison account.
For research purposes, of course.
I found out quickly why so many men have apparently been lured to the site by the promise of easy liaisons with women.
Registration is free and it took me about the same amount of time to set up as my fake e-mail account on Gmail.
You are asked to key in some physical attributes (height, hair and eye colour, etc) and upload a profile picture (I used a stock photo, see above).
The site even gives you an option to digitally mask your face with an actual digital mask, like a kinky Lone Ranger.
Less than an hour after I registered, I had a lovely lady (allegedly) who wanted to get to know me.
Her name was 1babe4you. She’s 41, 1.68m tall, of medium build, and is also married.
At this point, I was thinking: “Wow. I’m a cyberstud muffin. There must be a catch somewhere.”
And as soon as I clicked on her message, there it was – The Catch.
To see her e-mail, I needed credits, five to be exact.
And it just so happened that Ashley Madison had loads of it to sell to me. I could purchase 100 credits for just $99. Or, if I were the kind of guy who loves deals (I am), I could pay $479 for 1,000 credits.
Luckily, another user, kelly0105, sent me an e-mail I could read for free.
It read: “kelly0105 has indicated she is interested in someone just like you. You should send her a custom message to connect.”
Hmm, maybe I should.
I ponder for 10 minutes about what I should send before settling on a sexy but dignified “Hi there.”
I click “send”. And there it is again – The Catch.
To send a message, I needed five credits as well.
I decided to find out more about kelly0105 to see what made her so special that I had to pay money to send her a message.
I clicked on her profile and attributes such as age, height, weight and status were “not specified”.
The only attribute specified was gender, and it read “male”.
I decided not to pay to find out who kelly0105 or 1baby4you were, but thousands of men before me might have.
Last year, Avid Life Media, the company behind the website, made US$115 million (S$161 million) in revenue from Ashley Madison, reported Bloomberg.
Its CEO, Mr Noel Biderman, told Business Insider that it expects revenue to surpass US$150 million this year because of the growth in female users.
FREE FOR WOMEN
Only men have to pay to meet women on the site. Women aren’t charged.
If you suddenly get cold feet and want to erase all traces of your infidelity, you’ll have to cough up US$19 to “remove all traces of your usage”.
But the data unearthed by hackers have thrown doubt on Mr Biderman’s claims.
Before it was hacked, the site boasted it had a 70:30 male-to-female user ratio, with a one-to-one ratio for users under-30 years old. But of the 35 million user records leaked, only 5 million – or 15 per cent – belonged to women, reported The Washington Post.
Quoting dating site experts, the paper also said that many of the female profiles on Ashley Madison are fake, with people being paid to write them.
That might explain why kelly0105 and 1baby4you (neither had profile photos or any hint of online activity based on their profiles) wanted to get in touch with Charlie, my psychotic-looking alter ego.
It seems Charlie wasn’t the cyberstud muffin I thought he was.
If your e-mail address is on list…
How do I find out if my e-mail address is on the list?
You can now search for any e-mail address registered with Ashley Madison.
Using the leaked data, sites like Trustify and cynic.al have created searchable databases that allow you to type in an e-mail address to check if it is part of the Ashley Madison dump.
If an e-mail address is in the database, it could mean:
- the address owner is an active member of the site;
- he created an account, but does not use it; or
- someone used his e-mail address to create a fake account.
The database does not show usage of the account or other details that could expose an account holder’s potential affair.
I did not sign up, but my e-mail address is on the hacked list. What should I do?
Make a police report, said Mr Justin Tan from Trident Law Corporation.
He said: “This would fall under the Computer Misuse and Cybersecurity Act.
Strangers who do not have the authority to use your e-mail address to sign up on Ashley Madison could possibly be committing an offence.”
Mr Lee said that if your work e-mail address had been used, you need not tell your employer unless it went against company policy.
He added: “You should probably tell your spouse, since it will be better that your spouse hears this from you instead of from an outsider.”
I signed up for Ashley Madison and my details are in the leaked list. What should I do?
You should change your e-mail address to prevent further association and misunderstandings linked with the Ashley Madison leak, said Mr Eric Chan, a solutions consulting directorfrom security software company Fortinet.
Also check the privacy settings on your social media accounts because hackers could use this information to identify and blackmail you. Ignore any online blackmail attempts, Mr Chan said.
– Hariz Baharudin
BY THE NUMBERS
4,751
Total number of e-mail addresses with .sg
3,272
.com.sg
38
.edu.sg
225
.live.com.sg
24
.net.sg
2
.gov.sg
Source: www.tnp.sg
