Tag Archives: cyber liability

Cyber Risk’s Dirty Little Secret


Meh, not so much.  I’m speaking of the “100% Secure” in the accompanying AshleyMadison.com image.  I apologize in advance if my chosen image this week may be a little risqué for some readers.  I just couldn’t resist.  Apparently, neither can many married folks who were clients of the AshleyMadison.com website whose marketing tagline is, “Life is short. Have an affair.”

News broke a few weeks ago that AshleyMadison.com had been hacked and that the hacker(s) threatened to release the site’s user data if the company didn’t fold up its online tent and shut itself down.  Engaging in illegal hacking activity in order to take a morality stand isn’t what I would consider the moral high ground, but the irony is apparently lost on the hacker(s).  Anyway, AshleyMadison.com called the hacker(s) bluff and the cards were laid on the table this week.  Thousands of cheating (or wanna-be cheating) spouses have been publicly outed.  I’m betting that this is a good time to be florist, jeweler, or divorce attorney.

As much fun as it is to revel in the misfortunes of unfaithful spouses, this event provides another perspective on the ever-evolving cyber risk front.  Risk managers and insurance professionals have been largely focused on things like stolen credit card data and corporate espionage.  Consumers of Target, Home Depot, Anthem Healthcare, et. al. have been largely mollified with free credit monitoring service in the wake of data breaches at those firms.  But how does a firm address cyber liability for a destroyed marriage or soiled reputation?  There are plausible defenses:  AshleyMadison.com customers were knowingly engaged in risky personal behavior and never should have expected that their actions would not be discovered.  On the other hand, if AshleyMadison.com boasted that it was “100% Secure” it would be reasonable for customers to assume that their extramarital activities were at least safe from moralistic hackers, even if they still had to find a way to lie and deceive their way around the actual, ahem, activity of the affair.

Oh my.  This blog post could go on and on, but let me just close by stating that cyber risk and cyber liability is the wild, wild west of the risk and insurance industry right now.  Begging forgiveness from Mrs. Crandall, my high school English teacher, we ain’t seen nothin’ yet.