Data protection update: the Ashley Madison "moral" cyber-attack
Whether the motivation is to cause minor embarrassment or to inflict fatal commercial damage, this type of security risk is one which companies need to have firmly on their radar. In this case, even details of past users of the site who had paid extra to have their details removed from the website have been exposed, revealing the highly under-appreciated fact that, once given, data is virtually impossible to delete. Commentary posted by the public in response to this data breach articles indicates polarised views as to the rights of hackers to pass moral judgement in this way, but such incidents do serve to reinforce the message that handing personal data over to any third party generates the risk that such data may be compromised. In the UK, the Courts are currently looking at the notion of distress caused to consumers as a result of inadequately protected data; the domestic conversations which will be taking place imminently as a result of this incident must surely include an element of that.