Advertisement
World

Ashley Madison site like a sieve, says report

ABC
Aug 24, 2016, updated Aug 24, 2016
Hackers published the details of about 36 million Ashley Madison users last year.

Hackers published the details of about 36 million Ashley Madison users last year.

A joint Australian-Canadian investigation into a massive leak of data, stolen from infidelity website Ashley Madison, has identified shortcomings in the organisation’s privacy and security framework.

In August last year, hackers followed through on a threat to publish the details of about 36 million Ashley Madison user accounts, including those of about 670,000 Australians.

The leaked data included users’ names, email addresses and credit card details.

A joint investigation by the Australian Privacy Commissioner and the Privacy Commissioner of Canada has been highly critical of the website’s privacy and security practices.

The commissioners’ report found website owner Avid Life Media (ALM) did not have the appropriate safeguards, including documented information security policies or practices, an explicit risk management process, and training for staff about their privacy and security obligations.

“[It] is an unacceptable shortcoming for an organisation that holds sensitive personal information or a significant amount of personal information,” the report read.

The commissioners have accepted an enforceable undertaking requiring ALM to take additional steps to improve its practice and governance.

Australian Privacy Commissioner Timothy Pilgrim said the report exposed the risks to all business with similarly weak security measures.

“The findings of our joint investigation reveal the risks to businesses when they do not have a dedicated risk management process in place to protect personal information,” he said.

Website ‘should stop keeping inactive users’ details’

The commissioners also looked into reports the website had retained the personal information of some individuals who had paid ALM to delete their account, which was also published on the internet.

They recommended ALM “cease its practice of retaining indefinitely personal information of users whose accounts are deactivated or inactive”.

Mr Pilgrim said all companies were faced with challenges about how they protect sensitive data.

“Privacy and data are global challenges and international cooperation like this will become a key tool for the future of privacy enforcement,” he said.

“Certainly, my office will always look to pursue Australians’ privacy rights, no matter where that leads.”

More World >
Fire rages through historic Copenhagen building
News

Fire rages through historic Copenhagen building

Trump Media stock slides again as euphoria fades
Finance

Trump Media stock slides again as euphoria fades

Coral reefs hit by fourth global bleaching event
World

Coral reefs hit by fourth global bleaching event

Tesla to lay off over 10 per cent of staff as sales fall
US

Tesla to lay off over 10 per cent of staff as sales fall

<I>Rust</I> armourer sentenced over fatal shooting
US

Rust armourer sentenced over fatal shooting

Potential jurors dismissed at Trump criminal trial
News

Potential jurors dismissed at Trump criminal trial

United States won’t help Israel retaliate against Iran
Middle East

United States won’t help Israel retaliate against Iran

Manchester bombing survivors to sue MI5
UK

Manchester bombing survivors to sue MI5

US refuses to help Israel strike back at Iran
Middle East

US refuses to help Israel strike back at Iran

Stay informed, daily
A FREE subscription to The New Daily arrives every morning and evening.
Subscribe
The New Daily is a trusted source of national news and information and is provided free for all Australians. Read our editorial charter
Topics
The New Daily
Copyright © 2024 The New Daily.
All rights reserved.