What conclusions can be made on the basis of the scandalous hacking Ashley Madison
Consider the main errors associated with the scandal around the hacking service Ashley Madison. She will try to analyze the situation and draw conclusions.
/ photo pbkwee CC
The owner of Ashley Madison, Avid Life Media, was well known not only for web development and applications, but also for provocative actions that were aimed at people looking for an "on-side" romantic relationship. The theme of the Ashley Madison itself was similar and brought a good income to the company.
')
The case went to an IPO, but at the most inappropriate moment, hackers from the Impact Team made an organized attack on the service and the company itself. The result of hacking is a leak of users' personal data and an even more outrageous scandal based on the fact that the service continued to store data from those who left.
If you have problems you can not hide information from your customers.
In this story, the situation has evolved the opposite way. The company decided to make a bet that the noise in the web will settle down and announced the verification of information that was published by journalists. However, none of the users were notified of what actually happened. Perhaps the company simply could not fix anything, but even that she could not immediately admit.
User data protection issues cannot be ignored indefinitely
Such services are a very attractive target for intruders. Analogs were repeatedly hacked, but all these stories did not help the Ashley Madison team to draw conclusions. Moreover, security experts reported a number of security problems with this service, but even personal criticism did not receive a response from company representatives.
In this case, we are talking about a service whose core audience was represented by very wealthy people. The level of their expenses could be hundreds and thousands of dollars. Card data and other payment information for such an audience could not help but attract attention.
Speaking of attention, the bet on the scandalous image of the product must always be supported and balanced by efforts both to work on security and to work on reputational risks. In this case there was a complete failure on both fronts.
Bots are good, but not always
As shown by the analysis of information that has become public as a result of hacking, a significant part of female profiles turned out to be bots, or managed by moderators of the service. This fact finally "finished off" the situation to the point of no return. So much large-scale company scandal will be very difficult to "survive."
PS A little bit about the work of our virtual infrastructure provider:
/ photo pbkwee CC
The owner of Ashley Madison, Avid Life Media, was well known not only for web development and applications, but also for provocative actions that were aimed at people looking for an "on-side" romantic relationship. The theme of the Ashley Madison itself was similar and brought a good income to the company.
')
The case went to an IPO, but at the most inappropriate moment, hackers from the Impact Team made an organized attack on the service and the company itself. The result of hacking is a leak of users' personal data and an even more outrageous scandal based on the fact that the service continued to store data from those who left.
If you have problems you can not hide information from your customers.
In this story, the situation has evolved the opposite way. The company decided to make a bet that the noise in the web will settle down and announced the verification of information that was published by journalists. However, none of the users were notified of what actually happened. Perhaps the company simply could not fix anything, but even that she could not immediately admit.
User data protection issues cannot be ignored indefinitely
Such services are a very attractive target for intruders. Analogs were repeatedly hacked, but all these stories did not help the Ashley Madison team to draw conclusions. Moreover, security experts reported a number of security problems with this service, but even personal criticism did not receive a response from company representatives.
In this case, we are talking about a service whose core audience was represented by very wealthy people. The level of their expenses could be hundreds and thousands of dollars. Card data and other payment information for such an audience could not help but attract attention.
Speaking of attention, the bet on the scandalous image of the product must always be supported and balanced by efforts both to work on security and to work on reputational risks. In this case there was a complete failure on both fronts.
Bots are good, but not always
As shown by the analysis of information that has become public as a result of hacking, a significant part of female profiles turned out to be bots, or managed by moderators of the service. This fact finally "finished off" the situation to the point of no return. So much large-scale company scandal will be very difficult to "survive."
PS A little bit about the work of our virtual infrastructure provider:
Source: https://habr.com/ru/post/294476/
All Articles