Tech Law

Ashley Madison: What now for the secret affairs site that has seen hackers blow the covers off its 37m users

By Seb Joseph | News editor

August 20, 2015 | 7 min read

Ashley Madison’s status as the keeper of infidelity secrets has been knocked after hackers plundered the personal details of its members but demand for such a niche service could feasibly lift user numbers in the wake of the attack albeit with lingering trust issues.

It could amount to the best of a bad situation for the affair site after its gamble with hackers backfired spectacularly this week when the details of its 37 million users were scattered on BitTorrent and the dark web. Ashley Madison’s owner Avid Life had been warned by the cyber criminals in July that it would expose the thousands of cheaters it services if the site was not shut down

The fallout will affect millions of people, causing divorce, job loss, and financial damage – not least the site itself which has had to put the brakes on $200m public stock offering. Customers will no doubt find it difficult to trust their sensitive data to the company after such a devastating event. However, cheating on your partner was probably quite difficult before Ashley Madison came along and gave people an online hub where they can search by location, gender and everything else to do just that. It’s a utility that is no doubt essential to some and ethical reasons aside means there will always be demand for an Ashley Madison-style service.

If Ashley Madison is to survive the backlash, which has seen observers slam the site’s amateur attitude toward privacy and data security, then it should learn from how its peers like Apple, Sony and Target have dealt with similar cyber-attacks. It may lack the years of brand equity its peers pulled on to help soften the blow from hackers but that doesn’t mean it shouldn’t move swiftly and decisively to tackle the problem head on.

The latest marketing news and insights straight to your inbox.

Get the best of The Drum by choosing from a series of great email briefings, whether that’s daily news, weekly recaps or deep dives into media or creativity.

Sign up

In the days since the attack, the site has condemned the robbery and assured that “no current or past members’ full credit numbers were stolen from Avid Life Media”. It is now investigating the attack, cooperating with law enforcement agencies including the Federal Bureau of Investigation.

“How Ashely Madison deals with the hack in the next few days will probably define how much of a recovery they make from it. I think every brand has ample opportunity to recover from an issue like this but we do live in a connected world where brands have to use the openness and transparency that comes with that as a positive,” said former head of marketing at Addison Lee and agency executive Nick Constantinou.

It’s hard to say if the attack will have a detrimental effect on the brand, because it catered to a very specific audience of people looking to have affairs, versus a household brand like Apple or Sony that serves to a broad set of consumers. This is reflected in the way the hack has been discussed on Twitter, which despite generating nearly 7,500 tweets on the day (19 August) the news broke, most of them were neither good nor bad (see graph one), according to BrandWatch.

The biggest positive spike was at 5pm on the day when the Wired article "how to check if you or your loved ones were exposed in the AM scandal" was published. The biggest negative spike came hours later at 11pm when Josh Duggan the "Family Values Activist" was said to be among the names.

“Ashley Madison, if you put its morality and ethical issues to one side, it has a utility which is almost indispensable,” added Constantinou. “Whether or not people stop signing up to services like this all depends on the value you’re providing to individuals. The danger with this situation is that it’s a business that has trust and secrecy at the forefront but has just had its data stolen.”

It’s fair to say that individuals using Ashley Madison were buying into the concept of absolute discretion and security also fits into the majority public who find it difficult to accept the idea that nothing stored online is really 100 per cent secure.

It’s for this reason that Iris Worldwide’s technical director Jordan Harper thinks Ashley Madison’s trust is - at least superficially - blown. “Ashley Madison will find it very difficult to bounce back,” he added.

“Logically, they must make encryption and security a key part of their offering and explain how -- when this happens next time -- they'll be better prepared to deal with it than other (competitor) organisations. It's unlikely that the basic reason for people using their services is going to change, but it is likely they'll still want to get it, probably from somewhere else. Ashley Madison has to convince them that because of this attack, they'll come away stronger and better prepared than their competitors.”

But therein lies the rub. The old 'you're only as strong as your weakest link' dictum is no more apt than in data security -- and the bigger and more connected the brand, the more likely they are to have many weak links. Failing to safeguard against data is a simple failure for any organisation, however security experts that have commented on the hack have voiced concerns that most do not take it very seriously.

Eric Chiu, president and co-founder of cloud control company HyTrust, said: “We have now seen the first, second, third and fourth, (etc.) shoe to drop in terms of major data breaches including Target, Home Depot, Anthem, Snowden and the IRS. The fact that these data breaches continue to happen at a faster pace and the number of victims continues to get larger is a sign that companies are clearly not doing enough to protect sensitive data.”

Ashley Madison, like others before it, used digital to make people do what they would have done anyway easier. Time will tell whether the lift in brand awareness it has received off the back of the hack can provide the foundation to prove it can still be the keeper of secrets. Regardless, the brand as it once was is broken and its executives will have to come up with a more robust way of keeping peoples affairs behind closed doors if it is to survive in the long-term.

Tech Law

More from Tech Law

View all


Industry insights

View all
Add your own content +