The fallout continues from the data breach at infidelity website Ashley Madison. Besides several class-action lawsuits filed against Ashley Madison, Forbes magazine reported that stolen documents highlight the company's information technology (I.T.) vendor relationships:
"In response to challenges of the data’s authenticity, Impact Team began a second series of dumps, including what appears to be essentially all corporate records, including source code, internal business documents and corporate emails of Avid Life Media/Ashley Madison... Within those hundreds of thousands of documents is one entitled Areas of Concern – Customer Data (abbreviated in this article, AoC)... The needle in the treasure trove haystack of corporate data... In the AoC, the IT business practices of Avid/Ashley Madison began to emerge, including its relationships with third party vendors. New Relic is mentioned as one of three third party IT vendors to Avid. Also mentioned in that document as vendors are OnX (publicly reported as being an Ashley Madison vendor) and Redis/Memcached (alternative open source caching tools)... The AoC identifies New Relic as being a customer data “concern” (worry), by mentioning that it could employ “a hacker/bad actor” who could gain access to customer data. There was nothing in the AoC to indicate any reason to call out New Relic as a third party vendor presenting particular customer data security risks."
Assuming the leaked documents are accurate, one reason why this is important:
"The existence of third party IT vendors may be of interest to the increasing numbers of plaintiffs suing Avid and Ashley Madison. These plaintiffs have, to date, apparently not named these vendors as defendants."
Noel Biderman, the chief executive at Avid Life Media, Ashley Madison's parent company, resigned last week. The Wired article highlighted another reason:
"... the Missouri suit states that its anonymous plaintiff paid a $19 fee to have Ashley Madison delete her personal information from its servers but failed to deliver on that service."