HEY, REMEMBER the hook-up site Ashley Madison that kept illicit affairs quiet until it got hacked? Well, people are still shaking their heads over the security procedures the company had in place.
A report from worried people in Canada and Australia is very critical of the privacy in place at the singles sausage party, and parent company Avid Media has promised to take the advice on board and never expose its precious users again.
Ashley Madison has over 47,990,000 members, according to its front page, and there is a good chance that a lot of them are chaps because the firm was accused of using sex bots to make sad men think that they are wanted by sexually attractive women.
The Office of the Privacy Commissioner of Canada (OPC) and the Office of the Australian Information Commissioner (OAIC) have set out their opinion stalls about Ashley Madison.
“Privacy breaches are a core risk for any organisation with a business model based on the collection and use of personal information. Where data is highly sensitive and attractive to criminals, the risk is even greater,” said Canada’s privacy commissioner Daniel Therrien.
“Handling huge amounts of this kind of personal information without a comprehensive information security plan is unacceptable. This is an important lesson all organisations can draw from the investigation.”
Ashley Madison explained that it will take this on the chin and be more open about what it does between, and behind, the sheets.
“We hope that by openly speaking about the breach and our commitments to the OPC and the OAIC we can help other organisations and business leaders who are facing increased cyber security challenges,” said Ashley Madison CEO Rob Segal.
“The company has cooperated with the commissioners throughout their investigation and will continue to share information with them as we honour the terms of the compliance agreement and enforceable undertaking.”
Segal has been in charge of the wang and buy sale only since July, but he had a lot to get over and a lot to get done.
“The company continues to make significant, ongoing investments in privacy and security to address the constantly evolving threats facing online businesses,” he added.
“These investments are the cornerstone of rebuilding consumer trust over the long term.”
The firm has voluntarily entered into a compliance agreement with the OPC and an enforceable undertaking with the OAIC. The firm expects these efforts to help restore trust in its services, but perhaps it was not looking at affected and hurt spouses when it said that.
Two immediate changes on the site are the ability for people to join without using an email address, which is novel, and to delete all their content and details when they go.