The Inherent Risks of Online Data: Lessons from the Ashley Madison Hack

by Matt Klassen on August 21, 2015

As you have no doubt heard, in July adult-oriented website Ashley Madison, one of many sites dedicated to discreetly connecting individuals looking for casual or on-the-side encounters, was hacked, and earlier this week the hackers, as promised, released the sensitive stolen information to the world, including names, emails, and credit card numbers of the site’s members.

While the news likely came as shock to the site’s users, who had been promised privacy by a website advertising itself as “the last truly secure space on the Internet,” it should serve as a wake-up call for everyone else: nothing is safe on the Internet…nothing.

So whether you applaud the cyber-attack as some sort of digital karma or criticize it for illegally entering a private corporate network and data theft, let me put ethical judgments aside for the moment and say that there is something we can all learn from the Ashley Madison hack, and that’s the inherent dangers of the online world. The simple lesson here is: Don’t post anything on the Internet you wouldn’t want your grandmother to see, and that includes your willingness for on-the-side relationships.

While I promised to attempt to remove moral judgments from this post, I will say that I find this entire situation unfortunate. Sure we could say that poor choices have been made, but making those poor choices public will destroy lives, and the vast majority of those lives had nothing to do with the website itself.

But as ZDNET’s Charlie Osborne writes, the online world is comes with inherent risk, and that’s a point we always seem to forget. “We’re kidding ourselves if we think email is secure, if our Facebook accounts will never be compromised, and our pursuit of on-the-side affairs through the Web are risk-free.”

Now that’s not to say that all the information we post on the Internet will be hacked, but that every bit of data we do post has the very real possibility of being stolen. It’s like a digital game of Russian roulette: the more sensitive the data, the higher the stakes, and it’s just a matter of time before our luck runs out.

Further, it’s not only a risk that every individual Internet user needs to be aware, there are lessons to be learned here for the business world as well. As I’ve said before, the more data you make available for cybercriminals, the more enticing a target you become.

“Information has become toxic for retailers because the more they have, the bigger a target they become,” said Lamar Bailey, security researcher at IT security firm Tripwire, in a post I wrote last year. “The ongoing rash of attacks brings into question what information an organisation should be keeping.”

It’s a revolutionary way of thinking about information, particularly in an age where data gluttons are par for the course, but as Reuters’ journalist Peter Apps said in that same piece, “The best defence may simply be either to reduce the data they hold or encrypt it so well that if stolen it will remain useless.” If a company has less data or heavily encrypted data they’ll be less of a target, meaning ultimately more protection for consumer information and less revenue lost to data theft.”

It is advice Ashley Madison should likely have heeded before the sensitive information of its discretion-seeking clientele was exposed to the world, but while it’s likely to late for them, consider this a heads-up for you as an individual and for your business, an opportunity to think about your data sharing and collection habits and how you might be able to mitigate cyber-disaster when it inevitably befalls you.

Did you like this post ? publishes daily news, editorial, thoughts, and controversial opinion – you can subscribe by: RSS (click here), or email (click here).

Written by: Matt Klassen. Follow by: RSS, Twitter, Facebook, or YouTube.

Comments on this entry are closed.

Previous post:

Next post: