Ashley Madison hack yet to spur changes in web security

TORONTO -- Far from the wake-up call some expected, the data breach that aired the personal dealings and financial information of Ashley Madison clients has yet to spur concrete changes in web security or the online dating industry.

See Full Article

Months later, technology experts say public interest in the hack that once made global headlines has faded -- and so has the incentive for companies to beef up their information security.

Nor has the incident proved a death knell for Ashley Madison or its parent company, Avid Life Media, though the adultery site's fate remains uncertain and its operations shrouded in secrecy.

The company would not comment, saying only that it "continues to have strong fundamentals with tens of thousands of new members joining AshleyMadison.com every week."

"As for 2016, we look forward to the continued successful operation of AshleyMadison.com, and the rest of our brands at Avid Life Media," spokesman Paul Keable said in an email.

Its founder and former CEO, Noel Biderman, who stepped down in August, did not respond to interview requests.

A resume-style website bearing his name describes him as "a Canadian entrepreneur, former lawyer, sports agent and business marketing and operations specialist," but makes no mention of Ashley Madison or Avid Life Media.

This summer's data breach fuelled a worldwide debate on infidelity and spawned a criminal investigation, a probe by Canada's privacy commissioner and at least one proposed national class-action lawsuit, although it's yet to be certified.

Yet aside from the titillation and moral outrage associated with the adultery site, the Ashley Madison leak was no different than any other significant breach, said Carmi Levy, a technology analyst based in London, Ont.

"Every time there's a major security breach of any kind, there's a whirlwind of activity around it, everyone becomes indignant, everyone talks about it, everyone worries, there's chaos and of course there are promises flying left, right and centre," he said.

But as the crisis fades, many of those promises are unfulfilled, Levy said.

"We get back into the day-to-day...and improving security infrastructure and changing processes to keep the bad guys out simply becomes a lower priority, and in many cases, it simply never filters to the top of the priority list -- until the next crisis occurs, and then the same cycle repeats anew."

That same cycle plays out in online dating, which collects highly personal information while being plagued by fraud and other pitfalls, said David Evans, a Vermont-based industry consultant and analyst behind the trade blog Online Dating Insider.

"Everybody's been hacked, it's whether it's been publicized or not -- I think that's the standard now," he said, adding the dating industry is just one of many targeted by cyber-criminals.

Companies will spend money to tighten security if they can find a way to profit from it, but investments into other services such as in-app purchases are better suited to boosting revenue, he said.

While the Ashley Madison leak likely led some to rethink their membership with the site or its competitors, overall, the industry is thriving, he said.

In the U.S., online and mobile dating account for roughly three-quarters of the $2.4-billion dating services industry, according to an IBISWorld report issued after the hack. A similar report issued before the leak found online and mobile dating took about the same share of Canada's $153.1-million dating services industry.

With several other sites in its portfolio, Avid Life Media will likely bounce back as well, Evans said, though he suspects the incident caused "a huge revenue dent" in addition to the loss of its top executive.

But another expert says the publicity stemming from the breach may work in the company's favour.

"This is anecdotal but I spoke to somebody and they said to me that they were joining Ashley Madison because it was more secure now," said Patrick Malcolm, a digital forensics and security expert with the Ottawa consultancy firm Netrunner Inc.

After the July hack, Biderman told journalist Brian Krebs, who first reported on the breach, that it appeared to be an inside job, though not by a current employee.

Ashley Madison said it had managed to secure its sites and "close the unauthorized access points." The Toronto cyber-security firm hired to audit the source code said it didn't appear any software vulnerabilities had been exploited.

However, there's no evidence the company has actually changed its protocols, Malcolm said.

"They knew it was an insider so there's no reason for them to do anything to their website, which is the reason why I don't think it's changed," he said.

"Maybe they've tightened up a few practices, but again, this is the kind of thing that receives attention only when it's a screaming baby. After the baby's not making any noise, everybody goes back to what they were doing. That's the typical response."



Advertisements

Latest Tech & Science News

  • Top 10 new species of 2018 include volcanic bacterium and a hitchhiking beetle

    Tech & Science CBC News
    From a tree to an orangutan to bacterium, the annual top 10 new species list has the newest stars of Earth's biodiversity. The list is compiled by the State University of New York's College of Environmental Science and Forestry and its International Institute for Species Exploration (IISE), which first began their list in 2008. Source
  • Chimpanzee beds are cleaner than ours, study finds

    Tech & Science CBC News
    This is an excerpt from Second Opinion, a weekly roundup of eclectic and under-the-radar health and medical science news emailed to subscribers every Saturday morning. If you haven't subscribed yet, you can do that by clicking here. Who knew that our closest animal relatives, the great apes — specifically chimpanzees — keep tidier bedrooms than we humans do? Source
  • Legend of Loch Ness monster facing DNA testing

    Tech & Science CTV News
    WELLINGTON, New Zealand - The stories seem as tall as the lake is deep. For hundreds of years, visitors to Scotland's Loch Ness have described seeing a monster that some believe lurks in the depths. Source
  • Amazon urged not to sell face-recognition tool to police

    Tech & Science CBC News
    The American Civil Liberties Union and other privacy activists are asking Amazon to stop marketing a powerful facial recognition tool to police, saying law enforcement agencies could use the technology to "easily build a system to automate the identification and tracking of anyone. Source
  • Russia's 1st sea-borne nuclear power plant arrives in the Arctic

    Tech & Science CBC News
    Russia's first floating nuclear power plant arrived in the Arctic port of Murmansk over the weekend in preparation for its maiden mission: providing electricity to an isolated Russian town across the Bering Strait from Alaska. The state company behind the plant, called the Akademik Lomonosov, says it could pioneer a new power source for remote regions of the planet, but green campaigners have expressed concern about the risk of nuclear accidents. Source
  • Black bear kills dog that jumped out car window in Jasper National Park

    Tech & Science CTV News
    JASPER, Alta. -- A black bear is being watched in Jasper National Park after it killed a dog that jumped out of a vehicle. Parks Canada officials say the encounter happened on Wednesday when a car pulled over to the side of the road to view the bear and the dog jumped out of an open window. Source
  • ACLU: Amazon shouldn't sell face-recognition tech to police

    Tech & Science CTV News
    SEATTLE -- The American Civil Liberties Union and other privacy activists are asking Amazon to stop marketing a powerful facial recognition tool to police, saying law enforcement agencies could use the technology to "easily build a system to automate the identification and tracking of anyone. Source
  • Siri winning battle of the virtual assistants in Canada: poll

    Tech & Science CTV News
    TORONTO -- In the heated battle between Amazon, Apple, Google and Microsoft to get consumers hooked on their virtual assistants, Siri seems to be enjoying the first-mover advantage. Just shy of 40 per cent of Canadian adults recently used a virtual assistant, according to a report by the Media Technology Monitor, which polled almost 8,200 Canadians by phone late last year. Source
  • Hawaii volcano generates toxic gas plume called laze

    Tech & Science CTV News
    PAHOA, Hawaii -- The eruption of Kilauea volcano in Hawaii sparked new safety warnings about toxic gas on the Big Island's southern coastline after lava began flowing into the ocean and setting off a chemical reaction. Source
  • Wolves adjust sleeping habits to avoid human contact, research suggests

    Tech & Science CBC News
    New research has found some carnivores in Kananaskis Country have altered their behaviour in response to the presence of humans. The results come from a University of Victoria master's student, who studied data from motion-triggered cameras in Kananaskis and the more remote Willmore Wilderness Park north of Jasper. Source