Ashley Madison hack yet to spur changes in web security

TORONTO -- Far from the wake-up call some expected, the data breach that aired the personal dealings and financial information of Ashley Madison clients has yet to spur concrete changes in web security or the online dating industry.

See Full Article

Months later, technology experts say public interest in the hack that once made global headlines has faded -- and so has the incentive for companies to beef up their information security.

Nor has the incident proved a death knell for Ashley Madison or its parent company, Avid Life Media, though the adultery site's fate remains uncertain and its operations shrouded in secrecy.

The company would not comment, saying only that it "continues to have strong fundamentals with tens of thousands of new members joining AshleyMadison.com every week."

"As for 2016, we look forward to the continued successful operation of AshleyMadison.com, and the rest of our brands at Avid Life Media," spokesman Paul Keable said in an email.

Its founder and former CEO, Noel Biderman, who stepped down in August, did not respond to interview requests.

A resume-style website bearing his name describes him as "a Canadian entrepreneur, former lawyer, sports agent and business marketing and operations specialist," but makes no mention of Ashley Madison or Avid Life Media.

This summer's data breach fuelled a worldwide debate on infidelity and spawned a criminal investigation, a probe by Canada's privacy commissioner and at least one proposed national class-action lawsuit, although it's yet to be certified.

Yet aside from the titillation and moral outrage associated with the adultery site, the Ashley Madison leak was no different than any other significant breach, said Carmi Levy, a technology analyst based in London, Ont.

"Every time there's a major security breach of any kind, there's a whirlwind of activity around it, everyone becomes indignant, everyone talks about it, everyone worries, there's chaos and of course there are promises flying left, right and centre," he said.

But as the crisis fades, many of those promises are unfulfilled, Levy said.

"We get back into the day-to-day...and improving security infrastructure and changing processes to keep the bad guys out simply becomes a lower priority, and in many cases, it simply never filters to the top of the priority list -- until the next crisis occurs, and then the same cycle repeats anew."

That same cycle plays out in online dating, which collects highly personal information while being plagued by fraud and other pitfalls, said David Evans, a Vermont-based industry consultant and analyst behind the trade blog Online Dating Insider.

"Everybody's been hacked, it's whether it's been publicized or not -- I think that's the standard now," he said, adding the dating industry is just one of many targeted by cyber-criminals.

Companies will spend money to tighten security if they can find a way to profit from it, but investments into other services such as in-app purchases are better suited to boosting revenue, he said.

While the Ashley Madison leak likely led some to rethink their membership with the site or its competitors, overall, the industry is thriving, he said.

In the U.S., online and mobile dating account for roughly three-quarters of the $2.4-billion dating services industry, according to an IBISWorld report issued after the hack. A similar report issued before the leak found online and mobile dating took about the same share of Canada's $153.1-million dating services industry.

With several other sites in its portfolio, Avid Life Media will likely bounce back as well, Evans said, though he suspects the incident caused "a huge revenue dent" in addition to the loss of its top executive.

But another expert says the publicity stemming from the breach may work in the company's favour.

"This is anecdotal but I spoke to somebody and they said to me that they were joining Ashley Madison because it was more secure now," said Patrick Malcolm, a digital forensics and security expert with the Ottawa consultancy firm Netrunner Inc.

After the July hack, Biderman told journalist Brian Krebs, who first reported on the breach, that it appeared to be an inside job, though not by a current employee.

Ashley Madison said it had managed to secure its sites and "close the unauthorized access points." The Toronto cyber-security firm hired to audit the source code said it didn't appear any software vulnerabilities had been exploited.

However, there's no evidence the company has actually changed its protocols, Malcolm said.

"They knew it was an insider so there's no reason for them to do anything to their website, which is the reason why I don't think it's changed," he said.

"Maybe they've tightened up a few practices, but again, this is the kind of thing that receives attention only when it's a screaming baby. After the baby's not making any noise, everybody goes back to what they were doing. That's the typical response."



Advertisements

Latest Tech & Science News

  • Jet lag can adversely affect Major League Baseball players: study

    Tech & Science CBC News
    A new study has found the jet lag that goes with a grinding schedule of Major League Baseball games that takes players from coast to coast and back again can take its toll on performance. Source
  • Paris tests electric driverless minibus to fight air pollution

    Tech & Science CTV News
    PARIS -- In a city hit by chronic pollution and traffic problems, Paris officials are experimenting with a self-driving shuttle linking two train stations in the French capital. Two electric-power EZ10 minibuses, which can carry up to six seated passengers, were put into service Monday and will be tested until early April between the Lyon and Austerlitz stations in Paris. Source
  • Researchers unearth fossils of giant otter in China

    Tech & Science CBC News
    Scientists have unearthed fossils of an intriguingly large otter as big as a wolf that frolicked in rivers and lakes in a lush, warm and humid wetlands region in southwestern China about 6.2 million years ago. Source
  • Xiaomi's Hugo Barra quits China for Silicon Valley

    Tech & Science CTV News
    Hugo Barra, who caused a sensation in 2013 by leaving Google to become a vice president of Chinese smartphone maker Xiaomi, announced Monday he was returning to the United States for health reasons. Barra, under whom Xiaomi was for a time China's best-selling brand, described his experience as a "spectacular" journey but said it was time to return home for a "new adventure". Source
  • U.S. states uncertain what Trump victory means for wind and solar power

    Tech & Science CBC News
    President Donald Trump has disputed climate change, pledged a revival of coal and disparaged wind power, and his nominee to head the Energy Department was once highly skeptical of the agency's value. What this means for states' efforts to promote renewable energy is an open question. Source
  • N.S. wildlife park fundraising to save 'Little Bear' from euthanasia

    Tech & Science CTV News
    A wildlife park in Cape Breton, N.S., is appealing for donations to build a new cage for an orphaned black bear cub in their care. The nearly one-year-old black bear, dubbed “Little Bear,” was found wandering alone by a pair of men on a highway near Whycocomagh, N.S. Source
  • China's online population reaches 731 million

    Tech & Science CTV News
    The number of internet users in China -- already the world's highest -- reached 731 million in December, authorities said, as e-commerce drives consumer demand across the Asian giant. Total internet users rose 6.2 per cent from the end of December 2015 and equals the entire population of Europe, the government-linked China Internet Network Information Center (CNNIC) said in a statement Sunday on its website. Source
  • Samsung: Batteries only problem with fire-prone Note 7s

    Tech & Science Toronto Sun
    SEOUL, Korea, Republic Of — Samsung Electronics Co. said Monday that problems with the design and manufacturing of batteries in its Galaxy Note 7 smartphones caused them to overheat and burst into fire. The announcement of results from the company’s investigation into one of its worst product fiascos comes three months after the flagship phone was discontinued. Source
  • Ribbon may have finally run out for India's typewriters

    Tech & Science CTV News
    NEW DELHI -- The end is coming, though admittedly it may not look that way at 10 a.m. on a Tuesday morning, when dozens of young Indians have arrived for morning classes at Anand Type, Shorthand and Keypunch College, and every battered Remington is clattering away. Source
  • China cracks down on VPN devices used to access blocked sites

    Tech & Science CTV News
    BEIJING -- A Chinese technology regulator has announced a 14-month campaign to root out services that allow people in the country to circumvent the government's internet censorship. The Ministry of Industry and Information Technology says it forbids the use of virtual private networks (VPNs) or leased lines that allow users and businesses to access blocked overseas websites without permission. Source