The Office of the Data Protection Commissioner has said it has contacted its counterpart in Canada over the Ashley Madison data dump, amid claims that as many as 110,000 Irish email addresses may have been included in the data breach.
However, the ODPC said it had not yet received any contacts from Irish people affected. However, as Ashley Madison was operating outside of Ireland, it did not have any jurisdiction should any reported Irish victims contact them.
The fallout is continuing in relation to the online data dump in which the details of the adultery site’s 37m users around the world were released online, following a hacking operation.
The information, published by a group called the Impact Team, includes the email addresses, names or pseudonyms of users and other information, in a hacking operation and data dump that the parent company behind Ashley Madison, Avid Life Media, has described as a criminal act.
It emerged a number of email addresses associated with government departments and state agencies have been discovered on the leaked database, ranging from the HSE to the Defence Forces and the Department of Agriculture.
Ashley Madison, which uses the tag line ‘Life is short — have an affair’, is now trying to halt the spread of the stolen database by sending copyright takedown notices to social networks and file-sharing sites.
Here, the Office of the Data Protection Commissioner said it had not been in receipt of any queries from concerned individuals.
“In addition the website ashleymadison.com is not Irish-controlled and, accordingly, it is outside the jurisdiction of this office,” a spokesman said. Where appropriate, this office will cooperate with any of the investigations being carried out in other jurisdictions.
“This office has been in touch with our counterparts in the Data Protection Authority in Canada and we have been provided with contact details for the submission of complaints in this case.”
The main data dump is hosted on a Tor ‘hidden service’ which can only be accessed through an anonymous browser. However, already details of extramarital activity facilitated by the Ashley Madison site has been disseminated elsewhere online, while one website — ashley.cynic.al — purports to allow people to check if their email address is among those included in the dump.
That site also points out that Ashley Madison did not validate email addresses, meaning some email addresses may have been registered to the site by accident or by someone other than the owner of the email address.
A data security analyst who broke the story of the initial hack said he was concerned that some people implicated as a result of the data dump may take their own lives as a result of the massive data leak.
Brian Krebs was quoted in The Guardian: “There’s a very real chance that people are going to overreact. I wouldn’t be surprised if we saw people taking their lives because of this, and obviously piling on with ridicule and trying to out people is not going to help the situation.”
© Irish Examiner Ltd. All rights reserved