Ashley Madison Hack: What's Next for the Site After Hack and Data Dump
After millions of potential cheaters were exposed, can the site survive?
-- For the 37 million people who signed up for profiles on Ashley Madison, one of the website's selling points was the opportunity to have a discreet extramarital affair.
While there is no telling how many made the connections they were looking for, what has unfolded this week in the wake of the hacking has been a potential nightmare for those users whose secret lives have now been exposed -- and has raised questions about the future of Ashley Madison.
"I think it would be very difficult for them to get any conscious being to sign up in the future that has any regard for their privacy," Robert Siciliano, an online safety expert to Intel Security, told ABC News.
Two Canadian law firms have already joined forces to file a class action lawsuit against Avid Life Media, Ashley Madison's parent company, on behalf of the estimated thousands of Canadian users who were impacted by the breach. Other than a lead plaintiff, it was unknown how many other users have joined the lawsuit. Avid Life Media is headquartered in Toronto.
The company said in a statement to ABC News today that it would "continue to devote significant resources to our security protocols and systems and we continue to support our customers around the world."
"Regardless of the nature of the content, our customers, this company, and its employees are all exercising their legal and individual rights, and all deserve the ability to do so unhindered by outside interference, vigilantism, selective moralizing and judgment," the company added in its statement. "The individual or individuals who are responsible for this straightforward case of theft should be held accountable to the fullest extent of international law."
Avid Life Media has not publicly commented on how the hacker or hackers, who call themselves the Impact Team, were able to breach its system, leaving security experts like Siciliano unable to make observations about anything that could have potentially prevented what Avid Life Media called a "criminal intrusion" into the company's system.
"We are unable to reverse-engineer their process at this time since all they have done is release statements about what has gone wrong," Siciliano said. "They haven't disclosed what could have been done inefficiently and wrong on the inside."
When signing up for the service, Avid Life Media makes it clear that users have a reasonable expectation of privacy. The privacy policy on Ashley Madison states the company treats "data as an asset that must be protected against loss and unauthorized access" and uses "standard practices and technologies," including firewalls and encryption, to help protect user data from prying eyes.
Now that trust has been breached, even perhaps by no fault of Avid Life Media's, it remains unclear whether users will be willing to once again put their faith in Ashley Madison.
"When you sign up for any online portal, generally there is a privacy policy that suggests members will receive a degree of privacy, and that is with most every online site," Siciliano said. "Why would consumers sign up otherwise?"