Key takeaways

  • Data is key to offering a successful Connected Retail model.
  • Report predicts that ownership of data will move from organisations to consumers.
  • Digital identity will soon exist on a platform outside of any “commercial or legal context”, with plenty of scope for new business models.

In July 2015, a group of cyber-criminals claimed to have stolen private user data from extramarital dating website Ashley Madision, in one of the most high-profile hacks in recent Internet history.
Last week, the hackers – who go by the pseudonym Impact Team, made good on a threat to release the information, dumping 9.7 gigabytes of data – including the names, street addresses, email addresses and credit card information for some 32 million users – on the dark web. According to an August 2015 report in The Wall Street Journal, the website hosting the stolen files can only be accessed through a browser called Tor, which is designed explicitly for private web surfing. This means that Ashley Madison’s parent company Avid Life will struggle to take the content offline.

“This event is not an act of hacktivism, it is an act of criminality,” said Avid Life, who is working with law enforcement agencies in the US and Canada, in an August 2015 statement it published online. “It is an illegal action against the individual members of, as well as any freethinking people who choose to engage in fully lawful online activities. The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society.”

The Ashley Madison hack is the latest in a string of incidents that highlight the fact that online crime is gathering force. In January 2015, PwC’s Global State of Information Survey found that the number of cyber attacks in 2015 jumped 19% from 2013 even as security budgets are falling or staying the same.

But although this digital catastrophe is a call to arms for businesses that take a lax approach to online security, it’s also an opportunity for consumers to tighten up their approach to sharing information online. Here are three lessons the Ashley Madison data dump can teach us about making cyber vigilance central to your browsing habits.

Privacy settings and passwords aren’t enough to protect your data

Although monitoring your privacy settings and choosing difficult passwords can increase your cyber security quotient, they don’t grant you immunity from hackers or guarantee that your information will be stolen or shared. Nominating a different password for every website you access, changing them on a regular basis and avoiding social media sharing that could lead hackers towards relevant data will heighten your ability to keep cyber criminals at bay.

Your digital footprint is larger than you can imagine

It’s easy to forget that your online habits are limited to the websites you navigate and the topics that you search. But when you enter information online, you’re also leaving behind a trail that includes data about who you are, the purpose of the websites that you’re accessing as well as time, location and device.

Data doesn’t vanish when you delete it

These days, pressing delete and clearing your cache doesn’t mean that your information no longer exists. It’s wiser to be cautious about the type of data you share rather than trying to undo the damage.

Like last year’s high-profile Sony hack, the Ashley Madison data dump is proof that cyber criminals are launching increasingly sophisticated assaults. However, raising your levels of cyber awareness and exercising common sense online can help ward off potential threat.



John Riccio

John is PwC’s Global Design & Deploy, Experience Consulting partner.

More About John Riccio