Ben DiPietro, The Wall Street Journal’s Risk & Compliance Journal, June 1, 2015
The crisis this week is the one involving Adult Friend Finder, the hookup dating site that suffered a data breach that exposed its users’ sexual secrets. Among the data allegedly stolen were details about the sexual preferences of the site’s members, including whether they were married. The U.K. television station that broke the story said it found a database of 3.9 million site members on a hacker forum.
The company that runs the site, FriendFinder Networks Inc., last week issued a statement saying it was investigating the reports, taking steps to protect members’ information, had hired a data security firm and was working with law enforcement agencies. It wouldn’t confirm the full scope of the breach until its investigation was completed, but said there was no evidence of financial information or passwords being compromised.
Looking at the company’s statement and its actions to date, how well has it responded to this crisis? Where is its response falling short? What more can the company do at this point?
Davia Temin, president and CEO, Temin and Co.: “This is crisis management at the shadow fringe of commerce. While pornography, and other businesses involved in sex trade such as Adult Friend Finder, have always been the ‘early adopters’ of new Internet and social media technologies, they are woefully late to the game of crisis management.
“For a site that one tech expert calls ‘one of the most heavily-trafficked websites in the world,’ and that collects some of the most private and potentially embarrassing data in the world, the owners of the site have made every crisis management mistake in the book regarding cyber data breaches. They never announced the breach themselves, only responding when someone else found it. When forced into it, their statement is formulaic, unspecific, hard-to-find, ineffectual, and unbelievable; they give no advice to members whose data has been breached, and no contact information to follow up; they promise no further communication.
“But who is going to complain? Clearly the members of this club do not want to go public to complain to law enforcement, the media, or one another. When people are involved in activities that are either illegal or that they are ashamed of, they have little recourse.
“And FriendFinder Networks seems to be counting on that. You get the feeling they just want their members to go back to the shadows–pay their fees, hook up and then take the breach silently, as penance for using the site at all.”
To read the full article, CLICK HERE.