Hamilton County, Chattanooga and other area government agencies are launching internal investigations after their email addresses turned up in a hacked database of user information for Ashley Madison, a website that helps connect cheating spouses.
A group of hackers on Tuesday released a database of more than 30 million names, addresses, email addresses, financial records and bedroom preferences, and the hackers released a second trove of data, including the emails of Ashley Madison's CEO, Thursday afternoon.
The information dump included full names, passwords, street addresses, credit card information and internal data, security researchers told The Associated Press. They said the information released included details such as users' height, weight and GPS coordinates, and that men outnumbered women on the service five to one.
A Times Free Press review of the information revealed nearly two dozen email addresses belonging to government employees in the area: 16 Tennessee Valley Authority employees, four Chattanooga city workers, two Hamilton County government staff members and one EPB worker.
Beyond Chattanooga, the database contained .gov email addresses for city workers across Tennessee and Georgia, as well as federal and state employees.
The investigations launched by Chattanooga-area governments are part of a wave of probes launched by cities and agencies across the United States after some 15,000 government email addresses nationwide apparently were used to access the Ashley Madison website. That number includes thousands of .mil addresses that are used by members of the U.S. armed forces.
Several Georgia governments, including Atlanta, Marietta and Augusta, said on Thursday that they, too, were looking into the use of government email revealed in the hack, according to the AP.
However, the website, owned by Avid Media, apparently does not verify email addresses. It's possible that a user could give the site a fake email address or one that belongs to someone else.
Tennessee Valley Authority's sign is seen at the downtown complex.TVA spokesman Jim Hopson said Thursday the authority has "very clear policies about the appropriate use of government computers and government email servers." Surfing a cheating website is outside of those rules, he said.
Employees are even reminded of that policy every time they boot their computers, he said.
"Obviously our cybersecurity personnel are looking into this to see if any further action is required," Hopson said.
TVA is cross-referencing the Ashley Madison data with its own cybersecurity logs to determine what activity was actually done on TVA servers.
Any employee whom TVA verifies used government computers to log into the website will be disciplined, which could include firing, Hopson said.
Chattanooga spokeswoman Lacie Stone said the city is conducting a similar investigation. It appears one of the city emails listed on Ashley Madison was assigned to a former employee, she said.
"[The human resources department] will conduct an investigation to ascertain if, and then to what level, the use policy has been violated. HR will take appropriate actions at the conclusion of the investigation," Stone said.
The city's policy prohibits "Game playing or other trivial applications that interfere with work" and using the Internet for "surfing," displaying "obscene, lewd, sexually explicit" images or other activities supervisors find inappropriate.
Hamilton County Human Resources Director Alecia Poe said county employees are not allowed to use county computers or emails for "illegal, immoral, pornographic or other unbecoming purposes."
She said she is looking into the reported activity as well.
EPB spokesman John Pless said the same for its lone employee email listing.
"All employees are expected to use email for business purposes and exercise good judgment. We will investigate this matter and handle according to company policy," Pless said.
Digital Editor Ellis Smith and The Associated Press contributed to this report.
Contact staff writer Louie Brogdon at lbrogdon@timesfreepress.com, @glbrogdoniv on Twitter or at 423-757-6481.