Ashley Madison – Life is Short. Have a Data Breach
Wed 11 Jan 2017
You may remember the Ashley Madison hacks, which took place between 2014 and 2015. If not, the company whose strapline was “Life is short. Have an affair,” found itself the victim of a cyber attack, in which the personal details of more than 36 million users were released online. An investigation followed and it was ruled that Ashley Madison was guilty of lax security practices, which allowed intruders to access its computer networks on a number of occasions and go undetected. At one point, it appeared as though the business was facing a fine of around $17.5 million. Recently, it was disclosed that Ashley Madison will only have to pay the considerably-smaller sum of $1.66 million.
Ashley Madison’s Less-than-honest Protocols
It has also been revealed that Ruby Corp, the owners of the Ashley Madison website, created fake profiles, in order to lure new subscribers into using its services. In addition, it was found that the company held onto user information, even though many had paid for a service that supposedly “removes all trace of your usage.” However, in light of its less-than-honest protocols and a distinct lack of security procedures, how is it that the business has managed to evade a larger fine?
Escaping the Fine
The Federal Trade Commission originally levied a fine of over $17 million at Ruby Corp, who found that they were unable to pay it. “I recognise that it was a far lower number frankly than I would have liked,” said Federal Trade Commission chairwoman Edith Ramirez. “We want them to feel the pain. We don’t want them to profit from unlawful conduct. At the same time, we are not going to seek to put a company out of business.”
The size of the fine also means that not one of Ashley Madison’s 26 million compromised clients will receive a dime in compensation. Class-action law suits against Ashley Madison are pending.
For all businesses, this case highlights the importance of online security; your customers trust you with sensitive data – data that, if leaked could see you facing fines, litigation and irreparable damage to your brand.
Comments are closed.