Ashley Madison data leak: E-mail addresses with '.sg' spotted

SINGAPORE - Is your e-mail address in the leaked list of Ashley Madison members?

Last week, personal information belonging to more than 32 million members of the adultery website was leaked online by hackers.

The New Paper combed through the data and found 4,751 e-mail addresses with the ".sg" suffix, which indicates a Singapore domain address.

Examples include yahoo.com.sg or live.com.sg. These addresses are said to be registered with Ashley Madison, whose tagline is "Life is short. Have an affair".

These e-mail addresses included 38 with ".edu.sg", which typically belong to students, teachers or faculty members of local schools.

A Ministry of Education (MOE) spokesman told TNP: "MOE will check the veracity of the e-mail accounts being used. If there are breaches of regulations or inappropriate conduct that undermines the values expected of our educators, we will take appropriate action."

It is likely there are more Singapore e-mail addresses in the leaked data because many people here have e-mail addresses without the ".sg" suffix, such as Gmail and Hotmail.

The leaked data, which was about 9.7GB in size, can be downloaded by anyone. But it is hosted on the "dark Web" that is not easily accessible.

In the United States and Canada, the data leak has had wide-ranging consequences. It has reportedly led to two suicides, said Canadian police.

"Spin-off" crimes including extortion, blackmail and online scams have been attributed to the leak. Some websites claim to provide access to the data and also offer to delete data from the web for a hefty fee of US$230 (S$322).

In Singapore, the response to the leak has been tepid. Ashley Madison was banned from launching a local website in November 2013 over its attack on "family values and public morality", according to a Media Development Authority of Singapore statement at the time.

An online forum has claimed to identify two senior lawyers as members of the site, but not much else has been said about people here who may have been involved.

E-mail addresses used to register with the site are not verified, which means the owners of these e-mail addresses may not actually be users.

The work e-mail address of an educator in an international school here was on the leaked list. However, when contacted, a spokesman said the e-mail address, while functional, is not the educator's actual work e-mail address.

She said: "(The educator) does not have access to the e-mail (address) listed on the site... Any e-mails sent to that address are immediately redirected to the school's main account."

Justin Tan, an associate lawyer at Trident Law Corporation, said it is illegal to use someone else's e-mail address to register for services.

He said: "Using someone else's e-mail address without their knowledge or authorisation is possibly an offence under the Computer Misuse and Cybersecurity Act."

Some e-mail addresses are said to be fake, as Ashley Madison does not require valid e-mail addresses.

TNP also discovered two ".gov.sg" e-mail addresses, one of which bore the "cpib.gov.sg" domain name.

But a spokesman for the Corrupt Practices Investigation Bureau (CPIB) clarified that the address is not in its system.

Human resource experts noted that using your work e-mail address for personal use is generally frowned upon.

Linda Teo, the country manager for ManpowerGroup Singapore, said: "Strictly speaking, company or work e-mail addresses should not be used to access personal sites."

This article by The New Paper was published in MyPaper, a free, bilingual newspaper published by Singapore Press Holdings.