Why You Need To Be Concerned About The Ashley Madison Data Breach
Before you start freaking out, we’re not accusing you of having an affair! Whether you’re happily married or enjoying the single life, you need to be concerned about the Ashley Madison data breach. Why? Because it’s a prime example of how non-compliance can result in your business and your customers paying the ultimate cost.
“Life is short. Have an affair.” – The Ashley Madison tag line. It’s controversial, to say the least. The Canadian-based online dating service is designed for people who are married or in a committed relationship, giving them the platform to have an affair. On their Twitter page, they state: “We’re the premiere website for discreet connections.” However, it seems the company’s lack of compliance has shown that these connections are anything but discreet now that hackers, The Impact Team, have got their hands on user information.
As news of the data breach broke, most people, understandably, were more concerned about the ethics of the website, with a lot of people remarking that it ‘serves the users right’. But, whether you agree with the website or not, the Ashley Madison data breach needs to be a lesson to us all.
There are 37.5 million users of Ashley Madison, and The Impact Team has threatened to identify them all. Unless the site is permanently shut down, they have also threatened to release employee documents and emails, as well as users’ nude pictures, sexual fantasies, profiles, addresses, conversations and matching credit card transactions. The Impact Team warned that “shutting down AM (Ashley Madison) and EM (Established Men) will cost you, but non-compliance will cost you more.” They also said that Avid Life Media, the company that owns Ashley Madison, would be “liable for fraud and extreme harm to millions of users.”
This demonstrates the sheer devastation non-compliance can cause; either way you look at it, Avid Life Media face a disaster. If they shut down the company, then, of course, they lose their business. But, if they allow the hackers to release the details, they can effectively say goodbye to their company in any case, as trust is imperative, and how are their users ever going to be able to trust the site again?
Now, while you may not have incriminating evidence regarding your clients’ personal life, you do have private data, which needs to be secure. This includes their personal information and payment data. What would happen if this ended up in the wrong hands? Do you really think your business could come back from this? Not only would you have to deal with the enormous damage this will do to your reputation, but you’ll face fraud losses and non-compliance fines too. No matter what type of business you run, trust is imperative, and once this is broken, your company will struggle to come back from it.
The cost of compliance is a great one, and whether you agree with the Ashley Madison site or not, it needs to open all of our eyes to the importance of PCI compliance.