By Gadjo Cardenas Sevilla
Ashley Madison's entire business plan is hinged on their ability to securely store customer's information including intimate photographs, personal profiles and chats. The website was recently hacked and 37 million customer's accounts were reportedly taken and hackers are threatening to leak all this information online unless the site is completely shut down.
Ashley Madison is a website and online community that unabashedly encourages people to have extramarital affairs. It is a dating site designed around making it easy to find various attached partners for casual encounters and no-strings attached sex.
Ashley Madison's entire business plan is hinged on their ability to securely store customer's information including intimate photographs, personal profiles, sexual fantasies and intimate chats. Their homepage boasts a 'Trusted Security Award,' it promises a '100 % Discreet Service,' and is an 'SSL Secured Site.'
Despite this, Ashley Madison was recently hacked and 37 million customer's accounts, mostly from the US and Canada, were reportedly taken and hackers are threatening to leak all this information online unless the website property is closed down.
Ashley Madison is no starry-eyed startup. The company has been in business since 2001 and is ranked 18 among global adult-oriented sites, it has over 124 million visits per month, as of 2015 and is localized in over a dozen countries. One would think that security would be first and foremost for a company that operates on the premise of discretion.
“We apologize for this unprovoked and criminal intrusion into our customers’ information,” Avid Life, Ashley Madison's mother company said, adding that the hackers left behind posts and images on the website detailing their demands. The unauthorized posts have since been removed.
Complete online security is an illusion
This is just the most recent in a rash of high profile online security breaches that have affected hundreds of millions of users subscribing to gaming services, banks, payment systems, retailers and even multi-billion dollar technology companies. In most of these cases, the breaches have been absolute, taking every bit of valuable information. This is happening more frequently and to larger and larger companies that don't seem to have the inclination to double down on online security.
This really is an eye opener for everyone who has had to place any of their personal information online. Whether it is crusading white hat hackers aiming to take down a dating site, or more sinister organizations mining for financial information and passwords, it sometimes feels like all our personal data is just there for the taking and there's nothing we can do about it.
As Ashley Madison explains, “We have always had the confidentiality of our customers’ information foremost in our minds, and have had stringent security measures in place, including working with leading IT vendors from around the world. As other companies have experienced, these security measures have unfortunately not prevented this attack to our system.”
Most companies who are brought down offer a similar explanation, they were hacked despite having the best possible security measures in place.
It seems that the onus really falls on customers and users of the service to now decide whether they are willing to take a chance at risking their personal information online. I'm talking more than just names and passwords, there are addresses, credit card numbers, financial information, personal communications and even images and photographs that can be taken at any time.
It really calls to question that despite the fast pace of technology and continued innovation, online security seems to be one critical area that hasn't evolved to where it should be.
Customers should demand better security, they deserve it
It is one thing to entrust one's information and data to a free community or social media website. There's always the possibility that this information will be sold or mined for buyer info in order to generate ad units. This is how Facebook and Google maks much of their advertising profits. But, when you're paying for an online service or are availing of benefits and advantages included in a membership, you should not have to worry whether your information is secure or not. At least, that's what we have been conditioned to believe.
Pressure needs to come from users and customers of any service we invest our time and money on, to push for better standards of encryption as well as more transparency on how our personal data is handled, stored and disposed.