The massive fallout from July’s Ashley Madison hack has taken another grim turn, with a number of hacked users receiving physical letters in the mail entailing threats, such as exposing their private lives to their family and friends if they don’t pay a high-priced fee.
In a rather unsettling email Monday morning, security expert Graham Cluley said he was contacted by one of his readers with rather shocking news, writing:
I just received a physical postal letter to my house asking for $4167 USD or exposed my AM account to people close to me. is your advice the same as in your vid about email blackmail? Thank you.
According to Cluley, the scammers have been sending out a steady stream of blackmail emails since the attack occurred over summer, though its very apparent that “blackmailers are also prepared to take things a step further and write letters to the homes of hacked users.”
Ashley Madison, the affair site for cheating spouses, leaked the sexual secrets of some 33 million users back in August after company had already been hacked. Initially hackers stole all of Avid Life Media’s (AVM) data, the parent company to Ashley Madison, back in August, threatening that if AVM did not cease business, the personal lives of millions would be exposed.
Exactly one month later, the anonymous Ashley Madison hackers leaked 10GB of data containing 33 million accounts. Two days later, the hackers released another 19GB of data, this time including gigabytes worth of emails from AVM’s since stepped down CEO, Noel Biderman.
The attack took a turn for the worst after hundreds of gigabytes of data started being leaked, and the personal lives of users started to be affected. The attack go so bad that Ashley Madison users began committing suicide and the company even put a $500,000 bounty on the hackers.
According to Cluley, months later and a number of letters have been sent to targets in a creepy attempt to extort users. The letters are coming in physical postal letters addressed to the victim, demanding a lump sum of cash.
For targeted victims, Cluley recommends that he is “strongly of the opinion that – in the majority of cases – blackmailers are trying their luck, hoping that a small percentage of those targeted will pay up.”
Cluley actually recommends that victims sit tight as “paying the blackmailers any money is only likely to make them focus on you more. Ignoring them is probably a better plan.” He also noted that anyone who has received one of the letters through postal mail should seriously consider informing the police.
He added that is it highly unlikely the original hackers have been involved in any of the blackmailing efforts, suggesting its the work of others who downloaded the leaked Ashley Madison databases.
Even months later the Ashley Madison hack is coming back to haunt its users. Its unclear how long these extortion attempts will last, but it doesn’t seem the scammers have any plans of slowing down or moving to more intrusive blackmail methods.