Ashley Madison Hack: New Data Dump Targets Company Founder; Over 15K Accounts Linked To Federal And Military Officials

Emails sent by the founder of AshleyMadison.com, the extra-marital affairs dating website, were released Thursday in a second, larger dump of data by hackers even as officials continue their investigation into the security breach that took place last month.

The data dump contained emails sent by Noel Biderman, founder and CEO of AshleyMadison.com’s Toronto-based parent company Avid Life Media.

In a message along with the release of the data, which is estimated to be about 20 gigabyte, the hackers said: "Hey Noel, you can admit it's real now," Reuters reported. The message is believed to be a reply from the hackers, known as the Impact Team, to the company’s reaction to the first dump Tuesday that the data was not authentic.

"Everything appears to be legit," David Kennedy, founder and security consultant at TrustedSec, said in an email to Reuters, adding: "We have portions downloaded and its confirmed legitimate thus far."

Thursday’s release, which was double the size of the earlier one, includes the source code for the website that could potentially allow other hackers to set up a similar site, Reuters reported.

The latest data leak also included over 15,000 email addresses of employees of the White House, Congress and law enforcement agencies, according to a report by the Associated Press (AP).

The accounts of federal officials reportedly included at least two assistant U.S. attorneys, an information technology administrator in the Executive Office of the President, a division chief, an investigator, a trial attorney in the Justice Department, a government hacker at the Homeland Security Department and another DHS employee believed to be working on a U.S. counterterrorism response team.

The AP report also said that many federal customers used non-government email addresses with handles like "sexlessmarriage," ''soontobesingle" or "latinlovers" and that some of them were connected to the office systems when they accessed the dating site.

"I was doing some things I shouldn't have been doing," a Justice Department investigator told the AP, adding that he would reveal his actions to his family and employer if a threat arose. "I've worked too hard all my life to be a victim of blackmail. That wouldn't happen."

The U.S. Defense Department and Postal Service is also investigating the military and government email accounts of customers on AshleyMadison.com, which included U.K. civil servants and executives at European and North American corporations, according to Reuters.

Meanwhile, U.S. Defense Secretary Ash Carter said that the Pentagon was investigating the officials who used the military email addresses. Adultery can be a criminal offense under the Uniform Code of Military Justice. “I’m aware [of] it,” Carter said, according to the AP, adding: “Of course it’s an issue because conduct is very important. And we expect good conduct on the part of our people. ... The services are looking into it and as well they should be. Absolutely.”

The Impact Team was reportedly against the company’s business practices, particularly a “paid delete” option that allowed customers to remove all their data from the website after making a payment, but the hackers claim that it did not actually do so. After the July hack, the team had demanded that the company shut down its sites AshleyMadison.com and EstbalishedMen.com or they would post the bulk of the data.

Avid Life has not yet clarified how much information or what kind of details were stolen during the security breach.