Ashley Madison breach shows ugly side of hacking

Hacks of retailers like Target and Home Depot caught the public’s attention and data breaches of financial institutions like J.P. Morgan were further reason for concern. More recently, breaches of government agencies—like the Office of Personnel Management—have served as a further wake-up call as to just how serious a threat cyber attacks are to the public’s privacy and safety.

A more recent hack of the website Ashley Madison—an online dating service that targets married people or individuals in committed relationships interested in having an affair—have exposed just how ugly hacking can get. A hacker group calling itself the Impact Team has claimed credit for stealing the details of 38 million Ashley Madison users. The group threatened Ashley Madison’s parent company, Avid Life Media, saying it would release the information if the site was not shut down. Avid Life Media refused and the hacker group made good on its promise.

The Impact Team cited rampant corruption as its primary reason for targeting Ashley Madison, also claiming that the site was essentially profiting off others’ pain and that it had even become an avenue for human trafficking. The group compared Avid Life Media to a drug dealer feeding narcotics to addicted users.

The aftermath of this particular hack has been extremely messy. Celebrities have been caught up in scandals as a result of having their information leaked and reports of marriages and families breaking up over cheating revelations are beginning to pour out as well, as information had been made easily searchable online. Stories are even starting to surface that Ashley Madison customers who had their information leaked have taken their own lives, adding an additional tragic element to the story.

Predictably, there has also been a chorus of people making it clear that they believe that the customers exposed in the Avid Life Media hack don’t deserve sympathy because many were deceiving their partners and families by patronizing the site. Regardless of your opinion on the incident, however, the Ashley Madison hack is illustrating the emotional and psychological damage hackers can do. Often times the impact of data breaches is measured by the amount of money or hours of productivity it costs a business; but the effect these events can have on people’s lives is also profound.

What other lessons can be learned from this data breach? If the Impact Team is to be believed, Ashley Madison was another in a long line of organizations that, despite what may have been good intentions to protect sensitive information, was using antiquated or incomplete security solutions. In fact, in an interview, the group claimed that Avid Life Media’s security was “Bad” and that the “Only thing [it had] was [a] segmented network.”

Unfortunately, each new large-scale hack and data breach seems to shine a light on potential consequences of these events. And considering the increasing number and complexity of threats organizations are facing today it is rapidly becoming imperative that these organizations adopt well-rounded security strategies that include threat detection solutions; threat intelligence tools; automated defense and reporting capabilities; and incident response platforms among other products.

If you are concerned that your organization may be vulnerable to an attack and you would like to learn more about how a new approach to security could help you close these loops, read this story.