Hackers claim to have released 10 gigabytes of data stolen from Ashley Madison, a dating website for married people.
Web experts have warned that appearing on the list of users does not confirm a link to the site, as Ashley Madison only validated email addresses for paying subscribers, meaning that made-up, out-of-use and invalid addresses could have been used to register for the site.
This map shows the worldwide distribution of the sites users and the male to female ratio.
Red dots mean that 85% of the users in that area are men.
According to third-party web analytics provider SimilarWeb, the Canadian-based online dating service and social networking service marketed to people who are married or in a committed relationship, has more than 124 million visits per month.
The data has reportedly been leaked on the so called dark web, meaning it is accessible only via encrypted browsers.
SNP MP Michelle Thomson has already denied any connection with the site after an email addressed allegedly linked to her appeared among the data posted.
The MP for Edinburgh West said the “out-of-use” email address had been “harvested by hackers”.
The group behind the attack – The Impact Team – breached Ashley Madison’s servers last month, and now claim to have released this data to the Dark Web; a sub-level of the internet that can not be accessed through normal browsers, and is often described as the “internet black market”.
Others have since posted sections of the alleged list more generally online, and among the contents are email addresses claiming to be linked to government in both the UK and US, as well as the BBC, the Vatican and the United Nations.
In some cases, user names and even post codes of users are also listed.
Lamar Bailey, the director of security research and development at cyber-security firm Tripwire said the implications of the breach could be very personal for some if proven accurate.
“This has been one of the most interesting breaches this year,” he said.
“The data stolen and released has far reaching social implications and people are already harvesting and creating metrics on the data. Sites are publishing which cities have the most ’cheaters’ using which cities have the most profiles listed on the site.
“This could play into hiring decisions too because many companies run background checks, Facebook, Twitter, and Google searches for applicants. If an applicant shows up as an Ashley Madison user does that show something about the applicant’s trustworthiness and morals?”
Ashley Madison’s parent company Avid Life Media (ALM) has branded the hackers criminals.
In a statement ALM said: “We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world. We are continuing to fully co-operate with law enforcement to seek to hold the guilty parties accountable to the strictest measures of the law.”
ALM appealed for anyone with information on the hack to come forward.