TORONTO — Analysis of leaked Ashley Madison data shows that some of the cheating website’s customers made credit-card transactions from computers attached to the Department of National Defence and the House of Commons.
The data, stored in more than 2,500 files, involved transactions spanning from March 2008 to several days in June of this year.
The Canadian Press has sorted through the data to find 76 credit-card transactions were made on DND computers involving 42 email addresses, and 25 transactions from the House of Commons using 13 email addresses.
Some of the transactions are authorizations followed by a separate transaction for payment.
The data includes the transaction amount, credit-card company, the last four digits of the card’s account number, the customer’s name, city, province, country, postal code, an email address and in some cases streets addresses and IP information.
Some of the names mentioned in the House of Commons transaction records are easily verifiable as current or former staffers. In the DND transaction records, some of the addresses are DND facilities.
The Canadian Press is not identifying the government employees.
National Defence referred most questions to the federal Treasury Board, which has an overall responsibility.
Lisa Murphy, spokeswoman for the Treasury Board, would only say that the government has rules for the professional and personal use of its computers. She declined to answer a series of specific questions, but referenced the government’s guidelines that say every breach of the rules is dealt with on an individual basis.
In a written statement, a DND spokeswoman echoed some of Murphy’s statement, and said the department “has policies and practices in place to deter, detect and enforce unauthorized and prohibited computer use.”
The spokeswoman, Ashley Lemire, also pointed to an internal military policy outlining responsible online use.
“DND employees and CAF members must ensure they maintain the highest ethical standards and values in all uses of the Internet, the defence intranet, computers and other IT systems,” says the internal directive.
The U.S. military considers adultery a chargeable offence under regulations, but there is no such provision under Canadian military law.
National Defence would not say whether it’s investigating who accessed the Ashley Madison site.
Toronto-based Avid Life Media, the parent company of Ashley Madison, says the company doesn’t store full credit-card data from members.
Hackers this week released detailed records on millions of people registered with the website one month after the break-in at Avid Life Media. The website — with its slogan “Life is short. Have an affair” — is marketed to facilitate extramarital affairs.
The credit-card information of U.S. government workers — some with sensitive jobs in the White House, Congress and the Justice Department — was also revealed in the data breach.
“I was doing some things I shouldn’t have been doing,” a Justice Department investigator told the Associated Press.
Asked about the threat of blackmail, the investigator said if prompted he would reveal his actions to his family and employer to prevent it.
Defense Secretary Ash Carter said the Pentagon was looking into the list of people who used military email addresses. Adultery can be a criminal offence under the Uniform Code of Military Justice.