4,700 S'pore email addresses leaked from controversial cheating site "Ashley Madison"

31 August 2015 / 1 year 1 month ago

Jennifer Dhanaraj, Hariz Baharudin
The New Paper
27 August 2015 

Is your e-mail address in the leaked list of Ashley Madison members?

Last week, personal information belonging to more than 32 million members of the adultery website was leaked online by hackers.

The New Paper combed through the large data dump and found 4,751 e-mail addresses with the ".sg" suffix, which indicates a Singapore domain address.

Examples of such addresses include yahoo.com.sg or live.com.sg addresses.

These addresses are said to be registered with Ashley Madison, whose tagline is "Life is short. Have an affair".

These e-mail addresses also included 38 ".edu.sg" e-mails, which typically belong to students, teachers and faculty members of local education institutions.

An MOE spokesman told TNP: "MOE will check the veracity of the e-mail accounts being used. If there are breaches of regulations or inappropriate conduct that undermines the values expected of our educators, we will take appropriate action."

It is likely there are more Singapore e-mail addresses in the leaked data because many people here have e-mail addresses without the ".sg" suffix, such as Gmail and Hotmail.

The leaked data, which was about 9.7GB in size, can be downloaded by anyone. But it is hosted on the "dark Web" that is not easily accessible.

In the US and Canada, the data leak has had wide-ranging consequences.

The hack has reportedly led to two suicides, said Canadian Police.

"Spin-off" crimes including extortion, blackmail and online scams have also been attributed to the leak.

Some websites claim to provide access to the data and also offer to delete data from the web for a hefty fee of US$230 (S$322).

One of the more high-profile users who has been exposed on the site is conservative US reality TV star Josh Duggar from 19 Kids And Counting.

In Singapore, where Ashley Madison was banned from launching a local website in November 2013 over its attack on "family values and public morality", the response to the leak has been tepid.

An online forum has claimed to identify two senior lawyers purported to be members of the site, but not much else has been said about people here who may have been involved.

E-mail addresses used to register with the site are not verified, which means the owners of these e-mail addresses need not necessarily be users of the site.

The work e-mail address of an educator in an international school here was on the leaked list.

However, when contacted, a spokesman said the e-mail, while functional, is not the educator's actual work e-mail address.


She said: "(The educator) does not have access to the e-mail (address) listed on the site.

"Any e-mails sent to that address are immediately redirected to the school's main account."

Mr Justin Tan, an associate lawyer at Trident Law Corporation, said it is illegal to use someone else's e-mail address to register for services.

He said: "Using someone else's e-mail address without their knowledge or authorisation is possibly an offence under the Computer Misuse and Cybersecurity Act."

Some e-mail addresses listed on the site are also said to be fake.

Ashley Madison does not require valid e-mail addresses.

TNP also discovered two ".gov.sg" e-mail addresses, one of which bore the "cpib.gov.sg" domain.

But a spokesman for the Corrupt Practices Investigation Bureau (CPIB) clarified that the address did not exist in its system.

CNN reported that more than 15,000 e-mail addresses listed in the data dump were government and military agencies, some of which were proven to be real.

Human resource experts noted that using your work e-mail addresses for personal use is generally frowned upon.

Ms Linda Teo, the country manager for ManpowerGroup Singapore, said: "Strictly speaking, company or work e-mail addresses should not be used to access personal sites."

Experts also said that if employees were found to have been looking for affairs on the site, it could affect their standing within the company.

Mr Erman Tan, president of the Singapore Human Resources Institute, said most companies tend to draw a line between an employee's personal and professional life.

"If it is found that your personal affairs affect your work, you can get fired," said Mr Tan.

If your e-mail address is on list...

How do I find out if my e-mail address is on the list?

You can now search for any e-mail address registered with Ashley Madison.

Using the leaked data, sites like Trustify and cynic.al have created searchable databases that allow you to type in an e-mail address to check if it is part of the Ashley Madison dump.

If an e-mail address is in the database, it could mean:

- the address owner is an active member of the site;

- he created an account, but does not use it; or

- someone used his e-mail address to create a fake account.

The database does not show usage of the account or other details that could expose an account holder's potential affair.

I did not sign up, but my e-mail address is on the hacked list. What should I do?

Make a police report, said Mr Justin Tan from Trident Law Corporation.

He said: "This would fall under the Computer Misuse and Cybersecurity Act.

Strangers who do not have the authority to use your e-mail address to sign up on Ashley Madison could possibly be committing an offence."

Mr Lee said that if your work e-mail address had been used, you need not tell your employer unless it went against company policy.

He added: "You should probably tell your spouse, since it will be better that your spouse hears this from you instead of from an outsider."

I signed up for Ashley Madison and my details are in the leaked list. What should I do?

You should change your e-mail address to prevent further association and misunderstandings linked with the Ashley Madison leak, said Mr Eric Chan, a solutions consulting director from security software company Fortinet.

Also check the privacy settings on your social media accounts because hackers could use this information to identify and blackmail you. Ignore any online blackmail attempts, Mr Chan said.

The gallery below shows weird dating stories, inappropriate texts as well as instances of cheating.

This article was first published on August 27, 2015. 
Get The New Paper for more stories.

Join in the talk