Independent News and Media

Cheater site criticised for safety standards

A GOVERNMENT investigation into an infidelity website that once labelled Toowoomba the "cheating hot spot in Australia" has criticised its privacy standards.

Ashley Madison serviced people seeking discreet affairs and was hacked by a group called "The Impact Team".

The hackers threatened to expose the information of users unless the site was shut down and later made good on their threats.

About 36 million Ashley Madison user accounts were made public.

A joint investigation of Ashley Madison was undertaken by the Privacy Commissioner of Canada and the Australian Privacy Commissioner.

A recently published report found the website contravened the Australian Privacy Principles.

It found, although parent company ALM had a range of personal information security protections in place, it did not have an overarching information security framework.

The report recommends that organisations which hold personal information electronically adopt clear and appropriate processes, procedures and systems to handle information security risks.

The hackers published three types of information.

Firstly they made public profile information that users entered to describe themselves and the types of experiences they were looking for on the website.

That very personal information included gender, heights, weight, body type and ethnicity.

They exposed cheaters' name, zip code and date of birth were also published.

The hackers also made public the account information of cheaters.

Financial transactions were published including billing information and the last four digits of credit card numbers.