The Ashley Madison hack has sparked "spin off" crimes including extortion and may have led to two suicides, Canadian police said Monday, as the adultery website's parent company offered a sizeable reward for leads on the culprits.
The release last week of stolen emails and data from some 32 million members of the Canada-based site -- including payment transactions, email addresses and phone numbers -- has stirred up a privacy nightmare for users.
"As of this morning, we have two unconfirmed reports of suicides associated to the leak of Ashley Madison customer profiles," Toronto police Staff Superintendent Bryce Evans told a news conference.
Evans also pointed to crimes including extortion, blackmail and online scams claiming to provide access to the leaked data and offers to delete it from the web for a fee.
One scam threatens to expose clients unless payment of 1.05 bitcoins or Can$300 (USD$225) is received, saying in an email: "Consider how expensive a divorce lawyer is... and then think about how this will affect your social standing amongst family and friends. What will your friends and family think about you?"
The data dump on the so-called "dark web" comes a month after a hacker group identified as the "Impact Team" stole the files, saying they were trying to shut down the site.
"This hack is one of the largest data breaches in the world and is very unique on its own in that it exposed tens of millions of people's personal information including their credit card data," Evans said.
"The ripple effect of the Impact Team's action has and will continue to have a long-term social and economic impact," he said. "They have already sparked spin-offs of crimes and further victimization."
- Site 'like a drug dealer' -
Ashley Madison, launched in 2001, is known for its slogan: "Life is short. Have an affair." It helps connect people seeking to have extramarital relationships and is owned by Avid Life Media.
Toronto police along with the Royal Canadian Mounted Police, the Ontario Provincial Police, US Homeland Security and the American FBI are investigating the hack, dubbing the probe "Project Unicorn."
Australian and Canadian privacy watchdogs are also jointly looking into to the data breach.
In an exchange published on Friday by Vice Media's Motherboard website, the hackers alleged that Ashley Madison and its parent company Avid Life Media were abusing the trust of their users.
"Avid Life Media is like a drug dealer abusing addicts," they claimed.
Evans said Ashley Madison is cooperating with the investigation and police have found "no criminal wrongdoing" by the company, as was alleged by the hackers.
Avid Life Media meanwhile is offering a Can$500,000 reward for information leading to the arrest and prosecution of the hackers.
According to authorities, the company became aware of the hack on July 12 when staff were greeted in the morning with a message on their computers threatening to leak client information unless the Ashley Madison website was "shut down immediately, permanently."
The message was accompanied by rockers AC/DC's song "Thunderstruck."
Days later, the private information of two clients -- one in Mississauga, Ontario and one in Brockton, Massachusetts -- were leaked online.
That was followed by the release in August of the "entire Ashley Madison client list," said Evans, as well as CEO Noel Biderman's emails.
Police offered no details about the two alleged suicides linked to the data breach.
Four days ago, a Can$760 million (US$578 million) class action lawsuit was launched against Avid Life Media alleging the company failed to protect its clients' privacy.
The lead plaintiff in the suit is a disabled Ottawa widower who said he joined the website "in search of companionship" after losing his wife of 30 years to breast cancer.