Emails sent by the "have an affair" dating network's CEO suggest the firm "hacked" rival Nerve.com in 2012, taking its user database.
Brian Krebs:
“They did a very lousy job building their platform. I got their entire user base,” [Ashley Madison CTO Raja] Bhatia told [CEO Noel] Biderman via email, including in the message a link to a Github archive with a sample of the database. “Also, I can turn any non paying user into a paying user, vice versa, compose messages between users, check unread stats, etc.”
Neither Bhatia nor Biderman could be immediately reached for comment. KrebsOnSecurity.com spoke with Bhatia last week after the Impact Team made good on its threat to release the Ashley Madison user database. At the time, Bhatia was downplaying the leak, saying that his team of investigators had found no signs that the dump of data was legitimate,
Alas, it was for real. Ashley Madison charged its users to have their personal data wiped, but did not do so, and now that data is out in the wild.