LONDON: Scientists working in a top secret defence laboratory and a female MP are among hundreds of public servants whose personal details have been published online as alleged users of an adultery website in a "serious breach" of government security.
Computer hackers gained access to the entire database of Ashley Madison, a dating website for people who want to have affairs, and posted the names of all 37 million users, including 1.2 million Britons, on the internet. Among them are 124 civil servants, 92 Ministry of Defence staff, around 50 police officers, 56 NHS workers, 65 local education and school staff and 1,716 people at universities and further education colleges.
The personal details also included addresses, ages, phone numbers, credit card details and even sexual fantasies of users, prompting calls for an urgent review of government security.
The data dump includes the details of two workers at the highly secret Defence Science and Technology Laboratory, spread across five sites but based at Porton Down in Wiltshire, which carries out research on chemical, biological and radiological weapons.
Michelle Thomson, a newly elected SNP MP, also found her details had been published, but said a hacker had used an old email address of hers to access the site, and she had never visited the website herself. As well as the damage to jobs and relationships that could be caused by the hack, there is a potential for individuals to be targeted by blackmailers or other criminals.
Senior civil servants from the Ministry of Defence, Home Office, Ministry of Justice and other government departments are now likely to be called before parliament to explain how such highly sensitive details of their staff got into the public domain.
In some cases, staff appear to have used work email accounts to access the site, but many other users claim their identities have been stolen and that they have never used Ashley Madison, raising the question of how their details were so easily obtained by others.
Tim Loughton MP, a member of the home affairs committee, said: "This is very worrying on a number of fronts.
"If people in sensitive government positions are using government email addresses to register on such a sensitive website, then clearly it raises serious questions about their judgment. But if, as looks possible, government email accounts in what should be secure departments are this vulnerable to being hacked or impersonated, that raises its own serious security issues.
"What more serious or malicious means could people be using them for? This is something the committee needs to have a look at." The details were published online by hackers calling themselves The Impact Team, who stole the data last month and threatened to make it public unless Ashley Madison was taken down. They said they had acted because they claimed the company had failed to delete the details of users who had paid to have their profiles erased.
Canada-based Avid Life Media, the company that owns Ashley Madison and other dating websites, described the publication as an "act of criminality".
It said: "The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror and executioner, seeing fit to impose a personal notion of virtue on all of society. We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world."
The information was published on the so-called dark web, which can only be accessed using specialist browsers, but some of the data was quickly uploaded to open sites by bloggers.