Mumsnet vs Ashley Madison: A tale of two attacks

Discussing the recent Mumsnet and Ashley Madison hacks and the response, Jack Bedell-Pearce, Managing Director at 4D, said:

"It appears Mumsnet have undergone a sustained attack in both the virtual and physical world in the form of a DDoS and ‘Swatting’ incident respectively.

"How a company responds to this kind of situation is always interesting as security experts generally believe most attacks of this sort are swept under the carpet by the target company in order to reduce PR flak and regulatory scrutiny. Mumsnet and co-founder Justine Roberts have done the opposite and released a public statement to all its members.

"Not only is this communication comprehensively honest (both about the nature of the attacks and the ramifications), it contains some excellent advice on what their members should do to minimise the risk of them being hacked too. They clearly already employ some very sensible safeguards such as encrypting passwords and despite the persistent nature of the attack, the perpetrator has only gained access to 11 accounts (relatively small given the user base).

"Far from shying away from their responsibilities, they have embraced this situation to educate their users, reviewed their security protocols and publicly denounced the actions of the individual(s) responsible. Contrast this with the debacle that is the recent Ashley Madison leak, where the scale and fallout is being realised in real-time (as and when hackers release new tranches of data).

"There has to be an industry-wide discussion about how companies report breaches so that we can start to learn lessons and encourage those with sloppy security to up their game. It is a tough balancing act though, as PR and lawsuits aside, companies' inaction could result in us sleepwalking into governments forcing all firms to announce even the tiniest issue.

"If history has taught us anything, governments are woefully poor at writing regulatory legislation for tech firms - not only do they often not understand the current issues at hand but fail to recognise the ever-evolving nature of technology they’re trying to regulate.

"In this battle of common sense, we’d have to declare Mumsnet the winner."