Ashley Madison hack yet to spur changes in web security

TORONTO -- Far from the wake-up call some expected, the data breach that aired the personal dealings and financial information of Ashley Madison clients has yet to spur concrete changes in web security or the online dating industry.

See Full Article

Months later, technology experts say public interest in the hack that once made global headlines has faded -- and so has the incentive for companies to beef up their information security.

Nor has the incident proved a death knell for Ashley Madison or its parent company, Avid Life Media, though the adultery site's fate remains uncertain and its operations shrouded in secrecy.

The company would not comment, saying only that it "continues to have strong fundamentals with tens of thousands of new members joining AshleyMadison.com every week."

"As for 2016, we look forward to the continued successful operation of AshleyMadison.com, and the rest of our brands at Avid Life Media," spokesman Paul Keable said in an email.

Its founder and former CEO, Noel Biderman, who stepped down in August, did not respond to interview requests.

A resume-style website bearing his name describes him as "a Canadian entrepreneur, former lawyer, sports agent and business marketing and operations specialist," but makes no mention of Ashley Madison or Avid Life Media.

This summer's data breach fuelled a worldwide debate on infidelity and spawned a criminal investigation, a probe by Canada's privacy commissioner and at least one proposed national class-action lawsuit, although it's yet to be certified.

Yet aside from the titillation and moral outrage associated with the adultery site, the Ashley Madison leak was no different than any other significant breach, said Carmi Levy, a technology analyst based in London, Ont.

"Every time there's a major security breach of any kind, there's a whirlwind of activity around it, everyone becomes indignant, everyone talks about it, everyone worries, there's chaos and of course there are promises flying left, right and centre," he said.

But as the crisis fades, many of those promises are unfulfilled, Levy said.

"We get back into the day-to-day...and improving security infrastructure and changing processes to keep the bad guys out simply becomes a lower priority, and in many cases, it simply never filters to the top of the priority list -- until the next crisis occurs, and then the same cycle repeats anew."

That same cycle plays out in online dating, which collects highly personal information while being plagued by fraud and other pitfalls, said David Evans, a Vermont-based industry consultant and analyst behind the trade blog Online Dating Insider.

"Everybody's been hacked, it's whether it's been publicized or not -- I think that's the standard now," he said, adding the dating industry is just one of many targeted by cyber-criminals.

Companies will spend money to tighten security if they can find a way to profit from it, but investments into other services such as in-app purchases are better suited to boosting revenue, he said.

While the Ashley Madison leak likely led some to rethink their membership with the site or its competitors, overall, the industry is thriving, he said.

In the U.S., online and mobile dating account for roughly three-quarters of the $2.4-billion dating services industry, according to an IBISWorld report issued after the hack. A similar report issued before the leak found online and mobile dating took about the same share of Canada's $153.1-million dating services industry.

With several other sites in its portfolio, Avid Life Media will likely bounce back as well, Evans said, though he suspects the incident caused "a huge revenue dent" in addition to the loss of its top executive.

But another expert says the publicity stemming from the breach may work in the company's favour.

"This is anecdotal but I spoke to somebody and they said to me that they were joining Ashley Madison because it was more secure now," said Patrick Malcolm, a digital forensics and security expert with the Ottawa consultancy firm Netrunner Inc.

After the July hack, Biderman told journalist Brian Krebs, who first reported on the breach, that it appeared to be an inside job, though not by a current employee.

Ashley Madison said it had managed to secure its sites and "close the unauthorized access points." The Toronto cyber-security firm hired to audit the source code said it didn't appear any software vulnerabilities had been exploited.

However, there's no evidence the company has actually changed its protocols, Malcolm said.

"They knew it was an insider so there's no reason for them to do anything to their website, which is the reason why I don't think it's changed," he said.

"Maybe they've tightened up a few practices, but again, this is the kind of thing that receives attention only when it's a screaming baby. After the baby's not making any noise, everybody goes back to what they were doing. That's the typical response."



Advertisements

Latest Tech & Science News

  • Man is charged with flying drones to bring drugs from Mexico

    Tech & Science CTV News
    SAN DIEGO -- A 25-year-old U.S. citizen has been charged with using a drone to smuggle more than 13 pounds (6.1 kilograms) of methamphetamine from Mexico by drone, an unusually large seizure for what is still a novel technique to bring illegal drugs into the United States, authorities said Friday. Source
  • Eclipse to have big impact on California power grid

    Tech & Science CTV News
    SACRAMENTO, Calif. -- When the moon passes in front of the sun during Monday's eclipse California will lose enough solar energy to power more than 1.5 million homes, a figure that underscores the state's growing reliance on energy from the sun. Source
  • Asian carp found near Lake Michigan got past barriers

    Tech & Science CTV News
    TRAVERSE CITY, Mich. -- Officials say an Asian carp found in a Chicago waterway this summer apparently got past an electric barrier system intended to prevent the invasive fish from reaching the Great Lakes. The Asian Carp Regional Coordinating Committee says an autopsy shows the 4-year-old male silver carp originated in the Illinois/Middle Mississippi watershed. Source
  • Demand for eclipse glasses outpaces supply

    Tech & Science CBC News
    Ali Van Orman is still looking for specialized glasses to protect her family's eyes during Monday's solar eclipse because she never counted on demand totally eclipsing supply. She tried to buy a coveted pair of solar eclipse glasses for herself and two children from Amazon back in July, but the hot commodities wouldn't have arrived in time. Source
  • Reduced speeds for right whales prompts surcharge for Oceanex Montreal-St. John's route

    Tech & Science CBC News
    Due to new rules brought in by the federal government in an attempt to protect an unusual number of endangered right whales in the Gulf of St. Lawrence, Oceanex has introduced a temporary surcharge for vessel operations between St. Source
  • NASA launches last of its longtime tracking satellites

    Tech & Science CTV News
    CAPE CANAVERAL, Fla. -- NASA launched the last of its longtime tracking and communication satellites on Friday, a vital link to astronauts in orbit as well as the Hubble Space Telescope. The end of the era came with a morning liftoff of TDRS-M, the 13th satellite in the Tracking and Data Relay Satellite network. Source
  • NASA marking 40 years since Voyager spacecraft launches

    Tech & Science CTV News
    CAPE CANAVERAL, Fla. -- Forty years after blasting off, Earth's most distant ambassadors -- the twin Voyager spacecraft -- are carrying sounds and music of our planet ever deeper into the cosmos. Think of them as messages in bottles meant for anyone -- or anything -- out there. Source
  • Digital vigilantism after Charlottesville: Get ready for more naming and shaming

    Tech & Science CBC News
    In many ways, last weekend's rally in Charlottesville, Va., was a chilling throwback to an era most people had hoped we'd moved on from, one in which racists were emboldened to march in the streets, denouncing the lives and rights of others through violence and angry chants, yelling, "White lives matter" and "Jews will not replace us. Source
  • Solar eclipse myth-busting: Facts and fiction behind nature's stunning event

    Tech & Science CBC News
    Have you heard that it's safe to look at an eclipse through sunglasses? Or that radiation during one could be dangerous for unborn children? Don't believe it. Solar eclipses aren't your run-of-the-mill event: while they occur about once every 18 months, the same location may not experience one for many years. Source
  • Hundreds of birds injured by kites on Indian independence day

    Tech & Science CTV News
    NEW DELHI - The annual tradition of flying kites over the Indian capital on Independence Day takes a painful toll on birds that fall victim to their razor-sharp strings. Workers at the Charity Birds Hospital see it happen every year - mostly to pigeons but also to crows, eagles and parrots. Source