The news out this week about the latest hack of an adult ‘hook-up’ website has no doubt caused more than a few people to regret how much information they have been prepared to share online.
First it was the Ashley Madison site, tagline ‘Life is short, have an affair’, that was hacked with the details of 33 million subscribers leaked onto the web. Now the AdultFriendFinder site, tagline ‘Start hooking up tonight’, has suffered in the same way and another 400 million people have started to worry what information about their sexual activities is now publicly available and searchable by their current partner or even their employer.
There are reportedly 6,000 government e-mail addresses in the cache and 78,000 from the US military, who surprisingly seem to have quite a lot of time on their hands. The leak is said to cover 20 years worth of sign-ins, including deleted accounts. These stories flag up a number of important issues for business, as well as for the individuals affected.
There seem to be a lot of employees using their work e-mails, and probably work computers, to login to sites that are inappropriate for work time. Not only is this an abuse of their paid employment hours, but it also exposes both them and the company to the activities of hackers. Hackers could use their login details to access the corporate network directly, or could conceivable blackmail employees with knowledge of their illicit activity to force them to handover confidential data.
There are a number of actions that companies can take to mitigate this threat. Firstly, they can warn employees not to login to dubious sites using work devices or credentials. Secondly, they can subscribe to Cyber-Security-as-a-Service solutions like ThreatSpike to monitor and report on any suspicious activity inside their network, including employees logging onto ‘hook-up’ sites.
My advice is, act now before the hackers make use of the information already out there.
Head of Cyber Security