What Can We Learn From Ashley Madison?
Published on October 30, 2015
If there’s anything to be learned from the enormous information leak from Ashley Madison, it’s that neither fidelity nor internet security are sure things. While 37 million different users have some explaining to do, the rest of us can take heed from this debacle and practice safer internet habits upon logging in. Security starts with individual users. Here are the takeaways from the Ashley Madison leak:
Don’t Just Rely On a Company’s Security Policy
The first thing we can all learn from Ashley Madison is to not take security policies for granted. Look at how much information people are willing to lend companies, even though these companies are under no actual obligation to keep this information safe. Beyond the fact that users were scouting for extramarital partners, they also had to fess up their credit card information and email addresses, many of which were work accounts.
As Fusion reports:
We now know, of course, that Ashley Madison had all kinds of holes in its data practices, including storing seven years’ worth of credit card transactions, and a password reset loophole that allowed bystanders to check whether a certain email address was registered on the site.
That being said, it’s important to read the fine print and take extra precautions of your own when engaging online.
Don’t Trust a Braggart
Let’s rewind to ex-CEO Noel Biderman’s interview with V.v. Magazine from earlier this year. When asked if he feared a hack, Biderman responded:
Our database is all anonymous. You could be using my service right now and I wouldn’t know. On the credit card side, we’re not interested in that level of security. That’s not what our organization is about. We are a social network so we hand it off to companies who are suited to that. Putting the data in a bunker away from everybody else is our approach. But everyone is fearful of it. We have done a really great job of making sure our data is kept secret; the anonymity of it hopefully gives comfort to our members.
Biderman frequently boasted about his website’s security measures, and when combined with racy ideology, the database became total hack-bait. If you’re providing your personal information to a website that sounds a little too good to be true, it is.
As Always, Keep Your Information Safe On Public Wifi
We’ve written about it before, but the advice remains the same. While Ashley Madison’s leak didn’t necessarily originate from a wifi network, it reinforces the need to up your security’s ante when out in public.
Sound a little complicated?
This is where the Geek team would love to step in! Drop us a line if you have any questions concerning digital security or if you need additional support building a website.