Personal Information Breach Research Paper

915 Words4 Pages

The online dating service that goes by the slogan “Life is short. Have an affair.”, Ashley Madison, was recently hacked resulting in a breach of all their customers’ private data. Run by parent company, Avid Life Media, Ashley Madison is a website where people can seek extramarital affairs. Over 37 million accounts had been registered through this website prior to the hack and the names, addresses, emails, message history and credit card information of all these members were stolen and publicly released by the hackers. Consequently, many people have decided to take action and sue Ashley Madison for negligently causing damage. The article by Amanda Lee Myers, “8 People Are Suing Ashley Madison Following Data Breach” proceeds to explain that …show more content…

Ashley Madison will only be legally liable for the harm caused to their users if they owe them a duty of care. Anonymity is one thing that is promised when creating an account, meaning that all personal information such as names and credit card information will remain private. Since this is an online website, and websites tend to be hacked, one might argue that the data breach was reasonable foreseeable, especially since the hackers had threatened the company days before releasing the information. The duty of care that they owed to their customers was too keep everything they shared onto the website confidential. Therefore, the defendant, Ashley Madison, did owe a duty of care to their …show more content…

Since the harm caused was foreseeable, the company could have hired someone that would make the website less possible for hackers to access. This is reasonable because Ashley Madison is a successful online business that has the financial ability to hire a software engineer that can encrypt the website to make it more secure. In addition, since the company was already contacted by the hackers, they should have taken the necessary precautions to ensure that they could not hack the website. However, since the company failed to protect their members’ personal information before the hackers gained access to it, especially since this is the type of website that promises their users that everything is kept private, they breached the standard care. Step Three: Did the Defendant’s Careless Act (or Omission) Cause the Plaintiff’s Injury? If we consider that if Ashley Madison had hired someone to encrypt the website so that no one could access personal and financial information prior to the hacking, the website would not have been able to be hacked. They knew that there was a potential that someone could have hacked into their website, nevertheless, their lack of care is what brought the situation upon themselves. Therefore, since the data breach caused emotional and financial harm upon the registered members of the website and the people in their lives, Ashley Madison’s