The popular online dating service Ashley Madison announced Monday that its website had been hacked and that the personal information of millions of users had been compromised.
A group of hackers known as Impact Team took credit for the breach, saying they had stolen information on 37 million Ashley Madison users. The hackers said that in order to prevent the release of user’s real names, passwords and financial transactions, the entire site – which caters mostly to individuals who wish to cheat on their spouses – must be shut down entirely. Some of the information was already leaked, but not the bulk of what was collected, according to The New York Times (The Times).
One of the hackers’ complaints was that Ashley Madison did not delete user data. In response, the service’s parent company Avid Life Media said Monday that it had adjusted its policy for deleting user data.
“We immediately launched a thorough investigation,” the company told The Times, “utilizing leading forensics experts and other security professionals to determine the origin, nature and scope of this incident.”
Anyone age 18 or older can open an account at Ashley Madison. The site is intended to be discreet, and customers can use a pseudonym. The service has long promised users that they can delete their profiles from the site for $19, but the hackers say the user information is never actually deleted. Some experts believe the hackers had to have come from someone within the company in order for the hackers to know that information. Ashley Madison insists that when users scrub accounts, all information is erased, but the site waived its deletion fee for all members on Monday, The Times reported.
News of the security breach was first reported by Brian Krebs, a journalist who covers online security. Noel Biderman, chief executive of Avid Life Media, told Mr. Krebs that the hacker “was definitely a person here that was not an employee but certainly had touched our technical services.” The company declined to respond to additional questions about who was behind the breach, according to The Times.
American copyright law permits Ashley Madison to permanently delete private user information leaked in the breach and posted to other websites. The company said on Monday that it was in the process of doing just that to guard the identities of those who had used its service; however, Paul Ferguson, senior adviser for Trend Micro, a security software provider, said that information on Ashley Madison that had been scrubbed in one online forum was beginning to pop up elsewhere on the Internet. “Once something is published on the Internet,” he said, “it’s there forever,” he told The Times.
The post Ashley Madison Breach Raises the Question: Can Internet Users Ever Really Delete Information They Put Online? appeared first on Parker Waichman -
from Parker Waichman http://www.yourlawyer.com/blog/ashley-madison-breach-raises-the-question-can-internet-users-ever-really-delete-information-they-put-online/
No comments:
Post a Comment