After a cyber attack last month, hackers posted the personal information of millions of Ashley Madison users to the dark web on Tuesday night, including names, street addresses, amounts paid, and email addresses.
The site’s parent company Avid Life Media issued a statement on Tuesday, which said the "event is not an act of hacktivism, it is an act of criminality."
"It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities," the statement added. "The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society."
Ashley Madison also tweeted out the statement from its own Twitter handle on Wednesday.
PRWeek asked crisis comms and reputation-management specialists to explain what they think Ashley Madison should do next from a PR standpoint.
Conroy Boxhill, SVP of crisis and issues management, Edelman
The unfortunate reality is that online privacy is not guaranteed. While consumers have become desensitized to data breaches, it’s important that they remember that any online action has the potential to be captured, copied, and released despite privacy and confidentiality promises.
Since anonymity and discretion are central to their business proposition, Ashley Madison.com must communicate to and provide potentially affected customers with information to protect themselves. Best practice would dictate that since one of the industry’s most prominent experts on reporting data breaches, Brian Krebs, has essentially confirmed the validity of the data dump, it’s time for them to take ownership. Also, Twitter and Facebook don’t seem to be effective platforms for them at the moment, so perhaps it’s time to consider alternate channels to engage with audiences that matter. I suspect rebranding is in their future.
Mike Paul, The Reputation Doctor
Ashley Madison's response should be to apologize with full accountability for its data breach and either prove to its customers that they have invested in and perfected its data security to guarantee there will not be another breach (which it can never do) or shut down permanently. Any business with its roots firmly planted within a paradigm of deceit and adultery should always expect diminishing returns over time. Privacy is dead and has been dead for a long time. Seek ethics and morality in decision-making to best build a business which is not built on shifting sand. The hackers will not stop until Ashley Madison is toast. Count on it.
John Marino, COO and MD, The Marino Organization
Assuming that the information is proven to be true, Ashley Madison needs be as transparent as possible – something that they have not been up to this point. No matter the context surrounding the type of business they operate, this was still first and foremost a breach of consumer data. Ashley Madison needs to ensure that they move quickly to restore trust within their customer base.