Yes, there are no doubt some 36 million individuals who may be a bit uncomfortable currently, but the massive Ashley Madison hack ought to have a lot more people paying attention, for several reasons.

For one thing, I’ve read the comments online, and so many people feel that this is justified, that neither Ashley Madison nor its customers deserve sympathy or leniency. Perhaps from a moral perspective that is true, but I am not the moral police and I won’t go there. The reality is, today it’s Ashley Madison. Tomorrow? Why couldn’t it be a major health insurance records breach? Just as these people are squirming because they don’t want their infidelity out there for all to see (and for all you know, it was a bad spot in their marriage that had been addressed and is now being brought back up), how would you feel if there was something incredibly personal within your medical records, and in the blink of an eye, some group hacked the company servers, collected a slew of records and posted them online for the world to see. Now everyone knows something that was deeply personal to you, that is no longer a private thing.

Apples and oranges, you say? Perhaps, but I will disagree. Take morality out of the equation, and then you have cases where something deeply personal, not fit for general consumption, is suddenly released without a bit of concern over whether you wanted it out there.

And, as with the Ashley Madison victims, you can fully expect that criminals and seedy types will harvest data and mine it for any and all usable information. Spear phishing campaigns will abound, and blackmailing wouldn’t be unexpected either. Because, just as Joe next door doesn’t want the neighborhood to know he’s a cheater, Sally down the block probably doesn’t want people to know she has an excessively hairy back. Or something nasty like that. And someone online will find that, and will exploit it (it’s already happening to those on the Ashley Madison dumps).

There is a lesson in all of this, and it’s that ANYTHING you put online, any business you conduct online, you best be prepared to have it become public. If you are not prepared for that, then perhaps you shouldn’t conduct it online. And if it’s online out of your control – like your health records – then you ought to be mindful of these breaches, and watch any and all pending and future legislation relative to the world of cyber defense. Because hoping and praying your data won’t fall into the wrong hands, is a pretty lousy defensive strategy.

BACK TO BLOGS