The Ashley Madison hack is a big reminder to all Web users: If you submit private data online, chances are it will never fully be deleted.
The hackers, who stole the data about a month ago and then posted it online this week, claimed in a statement that part of the reason for the theft was Ashley Madison’s fraudulent promise to fully delete users’ information if they paid the company a US$19 fee.
The Web site — whose slogan is “Life is short. Have an affair” — is marketed to people looking for extramarital relationships. It purports to have about 39 million members.
Photo: REUTERS /Mark Blinch
The hackers said the company failed to delete the information, even though it collected the fees. Toronto-based Avid Life Media Inc, Ashley Madison’s parent company, hasn’t commented on the hackers’ accusation. A company spokesman didn’t respond to multiple e-mails seeking comment.
It’s virtually impossible to exist in modern society without putting at least some personal information online. Many people can’t get through a day without using the Internet to shop, pay a bill or check their credit card balance.
People have become accustomed to trusting their most precious personal information to companies. But they also need to know that all of that information is being shared more than they would expect, privacy experts say.
Before you hit “submit,” stop and think before giving up your personal information to any kind of Web site, said Michael Kaiser, executive director of the National Cyber Security Alliance, an industry-funded group that educates consumers about cybersecurity.
SECURING PERSONAL INFORMATION
“Personal information is like money, and you don’t just give away your money,” Kaiser says. “In the environment we’re in right now, you have to value it and think about protecting it everywhere you go on the Internet.”
That means taking a look at a Web site’s business to get an idea of how much they value information security and even asking them about their data retention practices. Banks, which deal in financial information, and large retailers, who have a vested interest in getting people to shop online, are probably safer bets than a dating site.
“Ashley Madison actually charges you to remove your information when you remove your account,” he says. “That’s a big clue about how they feel about your personal information.”
People also need to sometimes take a pass on convenience in the name of online security.
Many consumers like it when e-commerce sites have their credit card and other information on file, or when Web browsers automatically fill in forms with their name, address and other details, says Peter Tyrrell, chief operating officer of the data security firm Digital Guardian. Meanwhile, worries about data theft and loss have prompted companies to back up important information in multiple places.
But both practices increase the likelihood that information could be leaked or shared. And it means that even when a person thinks that their information has been permanently deleted, chances are there are still copies floating around somewhere.
“Ashley Madison is a company with a service that’s completely predicated on privacy,” Tyrrell says, adding that that characteristic sets it apart from many traditional e-commerce sites such as retailers.
“Here the capital, so to speak, isn’t a credit card or consumer goods. The capital is personal information that if released could be ruinous personally, and financially too.”
Breaches, whether they be at a major retailer such as Target Corp., a health insurance company such as Anthem Inc., or Ashley Madison, have become so common that people should give some serious thought before putting personal information online, says Caleb Barlow, a vice president at IBM’s security division.
And while Social Security numbers weren’t involved Ashley Madison hack, people should be especially wary of using them as a backup password to access online information, given the potentially disastrous consequences that could result if they’re intercepted, he says.
“Why are we using Social Security Numbers for both identification and access?” he questions. “Any data that can never be changed can be used for identity, but should never be used for access.”
And no matter how legitimate a company or website may be, people need to be aware that they’re rolling the dice every time they hand over personal information.
Scott Vernick, partner and head of the data security and privacy practice at the law firm Fox Rothschild LLP, says consumers have the right to expect a certain level of online security, depending on the industry standards of the company they’re dealing with.
“But those expectations have to be muted by the knowledge that they’re always taking a risk, whether they’re ordering from Amazon Prime or from Ashley Madison,” Vernick says.
In late October of 1873 the government of Japan decided against sending a military expedition to Korea to force that nation to open trade relations. Across the government supporters of the expedition resigned immediately. The spectacle of revolt by disaffected samurai began to loom over Japanese politics. In January of 1874 disaffected samurai attacked a senior minister in Tokyo. A month later, a group of pro-Korea expedition and anti-foreign elements from Saga prefecture in Kyushu revolted, driven in part by high food prices stemming from poor harvests. Their leader, according to Edward Drea’s classic Japan’s Imperial Army, was a samurai
The following three paragraphs are just some of what the local Chinese-language press is reporting on breathlessly and following every twist and turn with the eagerness of a soap opera fan. For many English-language readers, it probably comes across as incomprehensibly opaque, so bear with me briefly dear reader: To the surprise of many, former pop singer and Democratic Progressive Party (DPP) ex-lawmaker Yu Tien (余天) of the Taiwan Normal Country Promotion Association (TNCPA) at the last minute dropped out of the running for committee chair of the DPP’s New Taipei City chapter, paving the way for DPP legislator Su
Located down a sideroad in old Wanhua District (萬華區), Waley Art (水谷藝術) has an established reputation for curating some of the more provocative indie art exhibitions in Taipei. And this month is no exception. Beyond the innocuous facade of a shophouse, the full three stories of the gallery space (including the basement) have been taken over by photographs, installation videos and abstract images courtesy of two creatives who hail from the opposite ends of the earth, Taiwan’s Hsu Yi-ting (許懿婷) and Germany’s Benjamin Janzen. “In 2019, I had an art residency in Europe,” Hsu says. “I met Benjamin in the lobby
It’s hard to know where to begin with Mark Tovell’s Taiwan: Roads Above the Clouds. Having published a travelogue myself, as well as having contributed to several guidebooks, at first glance Tovell’s book appears to inhabit a middle ground — the kind of hard-to-sell nowheresville publishers detest. Leaf through the pages and you’ll find them suffuse with the purple prose best associated with travel literature: “When the sun is low on a warm, clear morning, and with the heat already rising, we stand at the riverside bike path leading south from Sanxia’s old cobble streets.” Hardly the stuff of your