Affairs of the Heart Ashley Madison Hack Causes Ripples in Germany

The cyberattack on the infidelity website Ashley Madison has put Germany's largest dating sites under pressure. They claim their data security is watertight – but so did Ashley Madison.
You want love, but the sites need your data.

The cyberattack on the Canada-based Ashley Madison infidelity website and subsequent release of user accounts and credit card details has triggered a rush of concern in Germany about the safety of its main dating and flirting portals.

“The present occurrence confirms once again how important this issue is – and will be in the future,” said a spokesperson for Parship, the German market leader.

A representative for eDarling, another big German dating site, said the hackers’ breach of the Canadian website is a reminder “that there is never perfect security for data on the Internet.” But both German companies as well as their competitors say they take online security seriously. Only a few, however, were willing to reveal details about security measures.

Avid Dating Life, the firm that operates Ashley Madison, advertised its high degree of data security. In an email to journalists, Avid Dating Life said the website was the “only secure site on the Internet.” But an analysis of the cyberattack reportedly revealed glaring weaknesses. The hacker group Impact Team was not only able to enter the network, but could also download huge amounts of data with no problem. Systems for discovering intruders and registering suspicious streams of data were lacking or didn't work. “No one was paying attention,” the hackers told the Motherboard website.

Ashley Madison is more popular in Germany than previously thought. An analysis shows that 424,000 profiles with German e-mail addresses exist on the website.

The consequences have been dramatic. Two suicides, one in the United States and another in Canada, are reportedly connected to the cyberattack. Police are investigating. Blackmailers are reportedly demanding hush money via e-mail.

The revelations have not only put marriages at risk, but also jobs. In the U.S. military, for example, adultery by service personnel can lead to dishonorable discharge. The company itself is facing the possibility of a flood of lawsuits, and several users and two law firms have already gone to court in the United States and Canada.

Ashley Madison is more popular in Germany than previously thought, according to the Hasso-Plattner Institute in Potsdam. The institute's analysis shows that 424,000 profiles with German e-mail addresses exist on the website; the large majority of the profiles (390,000) are male. Berlin appears almost 32,000 times as place of residence and is the leader among German cities. The information entered by users is unverifiable, thus skepticism is warranted.

In response to inquires from Handelsblatt, German dating sites said they are trying to tighten their security standards, but most were unwilling to reveal details. Friendscout 24 said simply that it “pays great attention to protecting data and users.” It says the same is true for external threats and that within the company, help is provided by the “corporate culture shared with employees.”

The most transparency was offered by Parship, which says that it has an extensive security strategy. These include servers on German soil with strict access controls, encrypted data transfer, firewalls and regular inspections by the Technical Inspection Association regarding data security and service quality. Parship said that account and credit-card information is not stored in the profile data, but with an external payment-services provider, which is an important measure against financial crime.

EDarling also makes use of encryption – for both the transmission and storage of data. Just like Parship, the company invites external examiners to investigate and certify IT security. In order to prevent misdeeds by its own employees – a breach which may have occurred at Ashley Madison – an “extremely restrictive allocation of rights” exists and access is recorded in protocols.

Despite all data-protection policies, users of such websites don't know how effectively these measures are enforced. So the fact remains, flirting and cheating can be a matter of trust.

Video: Ashley Madison- Bringing your marriage back to life or increasing the divorce rate? 

Axel Postinett writes about consumer electronics, the video game industry, e-commerce and internet corporations. Christof Kerkmann is an tech editor for Handelsblatt Online. To contact: [email protected] and [email protected]