Six months ago today, a group of hackers calling themselves “The Impact Team” raided the user records and internal databases of infidelity dating site Ashley Madison. It was a watershed moment in the history of cybercrime: the first hack that could ruin not only finances, but relationships and lives.
This, we all figured at the time, would be a turning point for the Web: I personally wrote a piece welcoming readers to the “post-Ashley Madison Internet.” But six months after what could very well be called the most personally ruinous hack ever, very little has actually happened.
Industry analysts say that users have largely forgotten the lessons of the hack, and haven’t demanded changes in the way sites protect their financial information or privacy. (“Short attention spans,” sums up Dave Evans, a consultant on the online dating industry.)
Toronto police are still actively investigating the Impact Team, but say they have “no new updates.”
Meanwhile, while Avid Life Media — Ashley Madison’s corporate parent — appears to have suffered some damage, the company remains secretive about Ashley Madison and bullish on its future prospects. The company declined to comment for this story, as it has repeatedly since September. But last month, Ashley Madison flaunted new membership numbers, claiming that some 6.5 million people had signed up since the hack. (An analysis by digital insights firm SimilarWeb reveals that traffic has plummeted 82 percent since August, and what users remain are largely coaxed in by paid ads.) The site’s primary shareholders have also promised not to jump ship: In September, Phillip DeZwirek — who, with his son Jason, owned over a third of Ashley Madison at the time of the hack — told the Toronto Sun that “business is continuing” and that no publicity was bad.
In some ways, none of this is surprising: There was always a chance that the Ashley Madison hack, far from waking people up to the dangers of data breaches, would further normalize them. Just yesterday, a report from the Pew Research Center found that, while many Americans are angry and concerned about corporate hacks that expose their personal data, they also increasingly view them as part of modern life. It’s doubtlessly easier to dismiss hacks this way, as external inevitabilities that no one can really help, than to go through the trauma and unease of reassessing the way we collectively use the Web.
“This is the kind of thing that receives attention only when it’s a screaming baby,” Patrick Malcolm, a digital forensics expert, told the Canadian Press in December. “After the baby’s not making any noise, everybody goes back to what they were doing.”
And yet, given the grievous personal consequences for Ashley Madison’s users, it seems somehow unjust that Ashley Madison should return to business as usual. In the past six months, in fact, the site’s only visible casualties have been the resignation of CEO Noel Biderman and a handful of (yet unresolved) lawsuits.
Earlier this month, Biderman launched a rather desperate-looking professional website, presumably to further his search for business consulting work. Where his site once proudly proclaimed him “the most hated man on the Internet,” it now makes no mention of Ashley Madison whatsoever.
He seems determined, like many in the audience, to forget the Ashley Madison hack ever happened.