The data, stored in more than 2,500 files, involved transactions spanning from March 2008 to several days in June of this year.
The Canadian Press has sorted through the data to find 76 credit-card transactions were made on DND computers involving 42 email addresses, and 25 transactions from the House of Commons using 13 email addresses.
Some of the transactions are authorizations followed by a separate transaction for payment.
The data includes the transaction amount, credit card company, the last four digits of the card's account number, the customer's name, city, province, country, postal code, an email address and in some cases streets addresses and IP information.
Some of the names mentioned in the House of Commons transaction records are easily verifiable as current or former staffers. In the DND transaction records, some of the addresses are DND facilities.
A spokesman for the Treasury Board Secretariat, which represents the federal government, did not immediately respond to a request for comment.
Toronto-based Avid Life Media, the parent company of Ashley Madison, says the company doesn't store full credit-card data from members.
The credit-card information of U.S. government workers — some with sensitive jobs in the White House, Congress and the Justice Department — was also revealed in the data breach.
"I was doing some things I shouldn't have been doing," a Justice Department investigator told the Associated Press.
Asked about the threat of blackmail, the investigator said if prompted he would reveal his actions to his family and employer to prevent it.
Defense Secretary Ash Carter said the Pentagon was looking into the list of people who used military email addresses.
Adultery can be a criminal offense under the Uniform Code of Military Justice. There are no such regulations among military or defence employees in Canada.
— With files from CP digital journalist Lucas Timmons and The Associated Press
Also on HuffPost