eDiscovery Daily Blog

• July 22, 2015

One of the most discussed topics at LegalTech® New York 2015 (LTNY) earlier this year was cybersecurity.  We’ve started covering some of the trends related to security breaches with posts here, here and here and even my hometown baseball team, the Houston Astros, was recently hacked by a competitor.  The latest victims of cyber hacking – the purported 37 million subscribers of the online cheating site AshleyMadison.com – may find little sympathy in their plight.

According to Brian Krebs in Krebs on Security, an authoritative Web site that monitors hacking worldwide, large caches of data  have been stolen from the site and some has been posted online by an individual or group that claims to have completely compromised the company’s user databases, financial records and other proprietary information.  The breach was confirmed in a statement from Toronto-based Avid Life Media Inc. (ALM*), which owns AshleyMadison as well as related hookup sites Cougar Life and Established Men. ALM stated that “We apologize for this unprovoked and criminal intrusion into our customers’ information” and also claimed that “At this time, we have been able to secure our sites, and close the unauthorized access points.”

That’s probably little comfort to the subscribers who have had their personal information compromised.

The hacker or hackers identify themselves as The Impact Team and is threatening to expose all customer records (including “profiles with all the customers’ secret sexual fantasies, nude pictures, and conversations and matching credit card transactions, real names and addresses, and employee documents and emails”) unless ALM takes AshleyMadison and Established Men offline “permanently in all forms.”

As stated in the article in Krebs on Security, “In a long manifesto posted alongside the stolen ALM data, The Impact Team said it decided to publish the information in response to alleged lies ALM told its customers about a service that allows members to completely erase their profile information for a $19 fee.

According to the hackers, although the ‘full delete’ feature that Ashley Madison advertises promises ‘removal of site usage history and personally identifiable information from the site,’ users’ purchase details — including real name and address — aren’t actually scrubbed.”  On Monday, ALM said it would offer all users the ability to fully delete their personal information from the site and waive the fee (presumably fully).

Ashley Madison’s slogan is “Life is short.  Have an affair.®”  For those that have chosen to do so, life may start to seem very long, at least for a while.

So, what do you think?  Is there anything that can be done to stem the tide of data breaches throughout the world?  Please share any comments you might have or if you’d like to know more about a particular topic.

* Not to be confused with American Lawyer Media, which goes by the same acronym.  🙂

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.