Ashley Madison hack yet to spur changes in web security

TORONTO -- Far from the wake-up call some expected, the data breach that aired the personal dealings and financial information of Ashley Madison clients has yet to spur concrete changes in web security or the online dating industry.

See Full Article

Months later, technology experts say public interest in the hack that once made global headlines has faded -- and so has the incentive for companies to beef up their information security.

Nor has the incident proved a death knell for Ashley Madison or its parent company, Avid Life Media, though the adultery site's fate remains uncertain and its operations shrouded in secrecy.

The company would not comment, saying only that it "continues to have strong fundamentals with tens of thousands of new members joining AshleyMadison.com every week."

"As for 2016, we look forward to the continued successful operation of AshleyMadison.com, and the rest of our brands at Avid Life Media," spokesman Paul Keable said in an email.

Its founder and former CEO, Noel Biderman, who stepped down in August, did not respond to interview requests.

A resume-style website bearing his name describes him as "a Canadian entrepreneur, former lawyer, sports agent and business marketing and operations specialist," but makes no mention of Ashley Madison or Avid Life Media.

This summer's data breach fuelled a worldwide debate on infidelity and spawned a criminal investigation, a probe by Canada's privacy commissioner and at least one proposed national class-action lawsuit, although it's yet to be certified.

Yet aside from the titillation and moral outrage associated with the adultery site, the Ashley Madison leak was no different than any other significant breach, said Carmi Levy, a technology analyst based in London, Ont.

"Every time there's a major security breach of any kind, there's a whirlwind of activity around it, everyone becomes indignant, everyone talks about it, everyone worries, there's chaos and of course there are promises flying left, right and centre," he said.

But as the crisis fades, many of those promises are unfulfilled, Levy said.

"We get back into the day-to-day...and improving security infrastructure and changing processes to keep the bad guys out simply becomes a lower priority, and in many cases, it simply never filters to the top of the priority list -- until the next crisis occurs, and then the same cycle repeats anew."

That same cycle plays out in online dating, which collects highly personal information while being plagued by fraud and other pitfalls, said David Evans, a Vermont-based industry consultant and analyst behind the trade blog Online Dating Insider.

"Everybody's been hacked, it's whether it's been publicized or not -- I think that's the standard now," he said, adding the dating industry is just one of many targeted by cyber-criminals.

Companies will spend money to tighten security if they can find a way to profit from it, but investments into other services such as in-app purchases are better suited to boosting revenue, he said.

While the Ashley Madison leak likely led some to rethink their membership with the site or its competitors, overall, the industry is thriving, he said.

In the U.S., online and mobile dating account for roughly three-quarters of the $2.4-billion dating services industry, according to an IBISWorld report issued after the hack. A similar report issued before the leak found online and mobile dating took about the same share of Canada's $153.1-million dating services industry.

With several other sites in its portfolio, Avid Life Media will likely bounce back as well, Evans said, though he suspects the incident caused "a huge revenue dent" in addition to the loss of its top executive.

But another expert says the publicity stemming from the breach may work in the company's favour.

"This is anecdotal but I spoke to somebody and they said to me that they were joining Ashley Madison because it was more secure now," said Patrick Malcolm, a digital forensics and security expert with the Ottawa consultancy firm Netrunner Inc.

After the July hack, Biderman told journalist Brian Krebs, who first reported on the breach, that it appeared to be an inside job, though not by a current employee.

Ashley Madison said it had managed to secure its sites and "close the unauthorized access points." The Toronto cyber-security firm hired to audit the source code said it didn't appear any software vulnerabilities had been exploited.

However, there's no evidence the company has actually changed its protocols, Malcolm said.

"They knew it was an insider so there's no reason for them to do anything to their website, which is the reason why I don't think it's changed," he said.

"Maybe they've tightened up a few practices, but again, this is the kind of thing that receives attention only when it's a screaming baby. After the baby's not making any noise, everybody goes back to what they were doing. That's the typical response."



Advertisements

Latest Tech & Science News

  • World's biggest underwater cave found in Mexico

    Tech & Science CBC News
    A group of divers has found a connection between two underwater caverns in eastern Mexico to reveal what is believed to be the biggest flooded cave on the planet, a discovery that could help shed new light on the ancient Maya civilization. Source
  • Meteor credited for bright light, noise rattling Michigan

    Tech & Science CTV News
    DETROIT -- Experts say a bright light and what sounded like thunder in the sky above Michigan was a meteor. The American Meteor Society says it received hundreds of reports of a fireball Tuesday night over the state, including many in the Detroit area. Source
  • Meteor lights up sky over Windsor-Essex, triggers minor 'earthquake' in Michigan

    Tech & Science CBC News
    The United States Geological Survey has confirmed that a bright flash of light followed by a booming sound spotted in Windsor-Essex was a meteor that broke up over the Detroit area. Meteor showers, big rockets and asteroid encounters: What to expect in space in 2018 Social media across the region lit up with videos of the burning space matter Tuesday night around 8:10 p.m. Source
  • Genetic pot-pourri: Why cannabis strains don't all live up to their billing

    Tech & Science CBC News
    Red Diesel, Moby Dick, Lemon Burst, or how about Girl Scout Cookies? All names for "bud," the cannabis flower, and when the black market product goes legal in Canada this summer expect some heavy marketing of fancy names and their tantalizing effects. Source
  • Wildlife rescuers say Ontario ministry is bullying them, not helping

    Tech & Science CBC News
    Some wildlife rescuers in Ontario say they're being bullied and harassed by Ministry of Natural Resources and Forestry enforcement officers who know little about wildlife and are too heavy-handed with the rules. The operators of rescue centres say they are speaking out to shine a light on what they describe as poor treatment by conservation officers. Source
  • What's in your weed: Why cannabis strains don't all live up to their billing

    Tech & Science CBC News
    Red Diesel, Moby Dick, Lemon Burst, or how about Girl Scout Cookies? All names for "bud," the cannabis flower, and when the black market product goes legal in Canada this summer expect some heavy marketing of fancy names and their tantalizing effects. Source
  • If you fish for these invasive crabs, you can't sell them - you need to give them away free

    Tech & Science CBC News
    A Newfoundland fisherman says there's money to be made from green crab, an invasive species that's destroying the ocean habitat at the edge of Fortune Bay. But the department that's in control of commercial licences, Fisheries and Oceans Canada, is taking a cautious approach. Source
  • Lobsters 'very likely' feel pain when boiled alive, researcher says

    Tech & Science CBC News
    The Swiss government's recent ban on boiling lobsters alive may have had some Maritimers chuckling, but one researcher said there's merit to the move, and that it's "very likely" lobsters feel pain. Robert Elwood, professor emeritus of animal behaviour at Queen's University in Northern Ireland, has spent more than a decade researching the issue. Source
  • Warming climate could affect life in Arctic Ocean, says new study

    Tech & Science CBC News
    Climate change is transforming the Arctic Ocean in ways that could permanently alter the food chain and impact ocean species, according to a new study. The study, published in the journal Science Advances, looked at the concentration of the chemical element radium-228 in the central Arctic Ocean and found that between 2007 and 2015 the concentration doubled. Source
  • Why your birth year may increase your risk of dying during a flu pandemic

    Tech & Science CBC News
    New research suggests people born during a flu pandemic have a higher risk of death during a later flu pandemic. According to researchers at McMaster University and Université de Montréal, people born during the 1957 H2N2 pandemic, or Asian flu, were at a higher risk of dying during the 2009 H1N1 swine flu pandemic, as well as the resurgent H1N1 outbreak in 2013 and 2014. Source