In 2015, Ashley Madison suffered a major breach of their network. The data of millions of users were exposed by a hacking group called “Impact Team”. Their goal was to expose the cheaters and force the shutdown of the site, which promises users an easy, discreet affair.
It seems improbable, but Ashley Madison seems to be back and bigger than before. 32 million new users have signed up for the service since the hack. Why? Part of that answer lies in the fact that there will always be people looking for a discreet and easy affair. Part of it is what Ashley Madison has done since the breach to secure their operations.
Company exec Paul Keable told Forbes Magazine about some of the steps they have taken: "We knew we needed to fix the internal infrastructure. Hired a new security team, a new CISO who looked at everything from ground ups, instilled a sense of purpose for security." They have implemented two factor authentication and are trying to educate users about phishing attacks. They have also taken user privacy to heart. Keable says, "in fact we were even awarded the Privacy by Design certificate run by the former privacy commissioner of Ontario. We hired a separate privacy officer. Sometimes security and privacy aren't the same thing, although they go hand in glove."
So, what are the lessons here, when it comes to business survival post breach? Yes, your business can survive a breach, but not without a lot of hard work an effort. A strong approach to security is a must, as is valuing your clients’ privacy above all else. How you respond to a breach could be the difference between losing your business or making it a revenue growth engine.
Want to learn more about surviving a breach? Contact Uzado about our Breach Readiness as a Service (BRaaS).