News of the AshleyMadison.com hack has reached a global audience. The data stolen in the hack includes the company’s databases of 37 million users, financial records, and other proprietary information. The site is essentially a dating website that helps married individuals cheat.
Among the 37 million users using the online infidelity site, according to reports, 175,000 South African users may be at risk of having their details leaked. A group, which goes by the alias of “Impact Team” has claimed responsibility for the hack.
As a result of the hack, Marta Janus, Security Researcher, Global Research & Analysis Team at Kaspersky Lab has given IT News Africa insight into just how detrimental the hack can be to users of AshleyMadison.com as well as the business operator, Avid Life Media (ALM).
Janus has stated that: “The news that Madison Ashley has been hacked highlights the need for all companies to enact security measures to prevent cyberattacks and therefore protect their customers’ personal data. Users that are entrusting private information into the care of a website should be safe in the knowledge it is kept in a secure manner and all companies who handle private data have a duty to ensure it.”
Janus adds that: “Any security breach resulting in a leakage of private data is equally bad – no matter if the website is considered “unethical” or even illegal – as the affected users might not necessarily be guilty of any illegal/unethical activity. In the case of the Ashley Madison hack, the leaked data contains information like real names, addresses and the credit card details, which makes it quite a serious issue, as once it’s public, cybercriminals could use this information to steal money.”
“There are a number of reasons why a company could become the victim of this kind of attack, such as financial, political or as it appears to be in this case here, ethical. What is important is that companies understand that anyone can be targeted by cybercriminals, and whilst security solutions significantly mitigate the risk of a successful attack, there are also other measures to be taken in order to provide thorough protection. These measures include running a fully updated software, performing regular security audits on the website code and penetration testing the infrastructure. The best way to combat these types of cyberattacks is at the beginning; by having an effective cybersecurity strategy in place before the company becomes a target,” Janus concluded.