ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Ashley Madison Data Breach

ashleymadison.com
Major exposure
Verified breach Sensitive Passwords exposed
Accounts exposed 30,811,934
Breach date 19 Jul 2015
Added to tracker 18 Aug 2015
Data classes 13

What happened

In July 2015, the infidelity website Ashley Madison suffered a serious data breach. The attackers threatened Ashley Madison with the full disclosure of the breach unless the service was shut down. One month later, the database was dumped including more than 30M unique email addresses. This breach has been classed as "sensitive" and is not publicly searchable, although individuals may discover if they've been impacted by registering for notifications. Read about this approach in detail.

Exposed data

Dates of birth Email addresses Ethnicities Genders Names Passwords Payment histories Phone numbers Physical addresses Security questions and answers Sexual orientations Usernames Website activity

Recommended actions

  • Change your Ashley Madison password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Ashley Madison โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP