Sharing personal data online: a risky affair?
The internet is becoming an increasingly popular forum for social interactions, but how much personal information should we share online and how do we know it won’t fall into the wrong hands?
These are the questions on many people’s lips following the revelation this week that personal data belonging to over 37 million ‘anonymous’ users of the internet dating site Ashley Madison, 1 million of whom are UK based, has been stolen by a group calling themselves “The Impact Team”.
For many people, the theft and potential distribution of their personal data would be nerve-racking, but for many users of Ashley Madison, there is cause for extreme concern. Unlike other dating sites, Ashley Madison specialises in facilitating infidelity, its tagline being “Life is short. Have an affair.” The Impact Team has demanded that Ashley Madison, owned by Avid Life Media, be shut down or they will release “all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.”
The demand was largely fuelled by Ashley Madison’s £15 fee to delete a user’s profile, which was in place until yesterday. However, according to The Impact Team, this is a “complete lie” as user’s payment details, including names and address were retained even after a user has paid for a ‘full delete’. They claim that the personal data of people who registered with the site years ago and paid to be permanently removed from its records are still being processed by Ashley Madison.
There has also been some speculation as to how this data was stolen. Yesterday, Ashley Madison’s chief executive and founder, Noel Biderman, seemed certain that, rather than a cyber attack, the data was stolen by someone working with the company, who “had touched our technical services“. This is a stark warning to all companies that hold or process personal data. However vigilant your cyber security, a disgruntled employee or contractor is likely to have far easier access to your records than a hacker.