Privacy commissioners find Ashley Madison security 'inadequate'

A year after a major security breach released the names of 36 million users of ‘cheating’ dating site Ashley Madison, an investigation has concluded the website lacked security.

Avid Life Media, the parent company that operates the controversial site, was found to have “inadequate security safeguards and policies” in place prior to the August 2015 hack.

Ashley Madison is an online dating site that specialises in extramarital affairs, 'discreet encounters' and 'married dating'.

The information of more than one million Australian members were released in the hack.

The joint investigation by Australian Privacy Commissioner Timothy Pilgrim and the Privacy Commissioner of Canada Daniel Therrien found the company went as far as to include a "phoney security trustmark" on their website to convince users that their information was safe.

“The findings of our joint investigation reveal the risks to businesses when they do not have a dedicated risk management process in place to protect personal information,” said Commissioner Pilgrim.

"Where data is highly sensitive and attractive to criminals, the risk is even greater. Handling huge amounts of this kind of personal information without a comprehensive information security plan is unacceptable."

The breach comes as a stark reminder for consumers to be more informed about the business they are entrusting their information to.

"Be clear about what you are providing, the value you are getting in exchange, and understand that no organisation is ‘breach-proof," the Commissioner added.

In July, Ashley Madison underwent a reboot under new leadership and is now being branded as an "open-minded dating" service.

News break – August 24