Avid Life Media Inc., the parent company of Ashley Madison, a matchmaking website for cheating spouses, said it was hacked and that the personal information of some of its users was posted online. The breach was first reported on July 19, 2015. (AP)
This summer's data breach fuelled a worldwide debate on infidelity and spawned a criminal investigation, a probe by Canada's privacy commissioner and at least one proposed national class-action lawsuit, although it's yet to be certified. Yet aside from the titillation and moral outrage associated with the adultery site, the Ashley Madison leak was no different than any other significant breach, said Carmi Levy, a technology analyst based in London, Ont. "Every time there's a major security breach of any kind, there's a whirlwind of activity around it, everyone becomes indignant, everyone talks about it, everyone worries, there's chaos and of course there are promises flying left, right and centre," he said. But as the crisis fades, many of those promises are unfulfilled, Levy said. "We get back into the day-to-day...and improving security infrastructure and changing processes to keep the bad guys out simply becomes a lower priority, and in many cases, it simply never filters to the top of the priority list — until the next crisis occurs, and then the same cycle repeats anew."
"We look forward to the continued successful operation of AshleyMadison.com, and the rest of our brands at Avid Life Media."
That same cycle plays out in online dating, which collects highly personal information while being plagued by fraud and other pitfalls, said David Evans, a Vermont-based industry consultant and analyst behind the trade blog Online Dating Insider. "Everybody's been hacked, it's whether it's been publicized or not — I think that's the standard now," he said, adding the dating industry is just one of many targeted by cyber-criminals. Companies will spend money to tighten security if they can find a way to profit from it, but investments into other services such as in-app purchases are better suited to boosting revenue, he said.
"Every time there's a major security breach of any kind, there's a whirlwind of activity around it, everyone becomes indignant, everyone talks about it, everyone worries, there's chaos and of course there are promises flying left, right and centre."
Ashley Madison accounts for three-quarters of the U.S. dating services industry, according to an IBISWorld report issued after the hack.While the Ashley Madison leak likely led some to rethink their membership with the site or its competitors, overall, the industry is thriving, he said. In the U.S., online and mobile dating account for roughly three-quarters of the $2.4-billion dating services industry, according to an IBISWorld report issued after the hack. A similar report issued before the leak found online and mobile dating took about the same share of Canada's $153.1-million dating services industry. With several other sites in its portfolio, Avid Life Media will likely bounce back as well, Evans said, though he suspects the incident caused "a huge revenue dent" in addition to the loss of its top executive. But another expert says the publicity stemming from the breach may work in the company's favour. "This is anecdotal but I spoke to somebody and they said to me that they were joining Ashley Madison because it was more secure now," said Patrick Malcolm, a digital forensics and security expert with the Ottawa consultancy firm Netrunner Inc.
After the July hack, Biderman told journalist Brian Krebs, who first reported on the breach, that it appeared to be an inside job, though not by a current employee. Ashley Madison said it had managed to secure its sites and "close the unauthorized access points." The Toronto cyber-security firm hired to audit the source code said it didn't appear any software vulnerabilities had been exploited. However, there's no evidence the company has actually changed its protocols, Malcolm said. "They knew it was an insider so there's no reason for them to do anything to their website, which is the reason why I don't think it's changed," he said. "Maybe they've tightened up a few practices, but again, this is the kind of thing that receives attention only when it's a screaming baby. After the baby's not making any noise, everybody goes back to what they were doing. That's the typical response."
"This is anecdotal but I spoke to somebody and they said to me that they were joining Ashley Madison because it was more secure now."
Also on HuffPost