Breaches of the digital systems of big box companies is nothing new in the society we live in. In fact, most cyber breaches are now greeted with a collective yawn by the general public. Another breach, another new credit card in the mail, our accounts monitored for a bit…we’ve gotten used to the drill. However, every now and then a breach does get our attention. The Sony breach was an example…with lots of gossip about Hollywood personalities that naturally made our media driven public take notice. Since then there has the been the usual mundane breaches…more big box stores, government agencies, the White House.
Now comes another breach that is making the headlines and capturing public interest…Ashley Madison. To bring you up to speed, there is/was a ‘dating ‘ site in Canada that serviced married people in finding someone to cheat with. According to reports there was nearly 40 million people signed up to the site. Hacker(s) breached the site last month and a good portion of the ‘confidential’ records were stolen. Those records included names, addresses and credit card numbers (you had to pay to ‘meet’ someone). Interestingly, the hackers were not interested in financial gain…at least on the surface…but demanded that the site be closed down or else they would make public the records. Naturally this has many married people (40 million) a tad nervous that their indiscretion might be made public.
Time passed, the demands of the hacker(s) went unmet, and the records are now being made public. Hacker(s) posted a notice saying “Time’s Up…We have explained the fraud, deceit and stupidity of ALM (Ashley Madison) and their members. Now everyone gets to see their data”. The stolen records are reportedly being released on the ‘Dark Web’. Some claim that this breach is nothing more than criminal activity…blackmail. One might also consider this a form of hacktivism…hacking a site to undo what some might consider unjust, morally wrong, unfair….etc ,etc.
Whatever the reasoning behind the breach…whatever the hacker(s) axe to grind is, what stands out is that once again the public in entranced by the possibility of gossip, slander, and potential personal damage to countless individuals…let alone the ‘possibility’ that someone of prominence might be caught up in the scandal and exposed. A government agency loses 20 million records to hackers and it gets one news cycle, but a juicy scandal like this gets endless coverage…so goes our society and their interest in cybersecurity.
On the positive side to all this is the fact that maybe, just maybe, those entrusted with sensitive information might see this breach as one more reason to rethink their cybersecurity, harden their sites, beef up member training, and more closely monitor traffic and access levels. This might also bring us to the realization that cyber defense should not be an individual action, but a consorted effort by everyone with a vested interest in technology to get together and once and for all ‘work’ not ‘talk’ towards a permanent solution to our cybersecurity woes.
If you enjoy our daily blogs on cybersecurity, please join us on Twitter or Facebook.