Ashley Madison parent company CEO quits after infidelity data hack

Boards often consider CEO ultimately responsible for cyber security: Expert

TORONTO (Reuters) — Noel Biderman, the chief executive of infidelity website Ashley Madison's parent company Avid Life, has left the company, weeks after hackers launched a cyber assault that leaked sensitive data about millions of clients.

Avid Life said on Friday the departure was by "mutual agreement" and the company's existing management would take over until a new CEO is appointed.

The Canadian company was rocked by the release of Ashley Madison customer data on Aug. 18 by hackers who claimed to be unhappy with its business practices.

"This change is in the best interest of the company and allows us to continue to provide support to our members and dedicated employees," the Toronto-based company said.

The data dump contained email addresses of U.S. government officials, UK civil servants, and workers at European and North American corporations, taking already deep-seated fears about Internet security and data protection to a new level.

Police investigating the cyber attack said it has sparked extortion attempts and at least two unconfirmed suicides.

Biderman founded Ashley Madison in 2001 and it was acquired by Avid Life Media in 2007.

A second data dump by the hackers released thousands of Biderman's own emails and other company documents.

Reuters could not independently verify the authenticity of the data, email messages and internal documents.

To date only a small number of top executives have lost their jobs in the wake of massive breaches.

Sony Pictures America co-chairman Amy Pascal stepped down in February after last year’s devastating breach at Sony Corp’s Hollywood studio and Target Corp replaced its CEO last year in the wake of the 2013 breach at the retailer that exposed records of tens of millions of customers.

Chris Wysopal, chief technology officer with cyber security firm Veracode, said he expects such ousters to become increasingly common in the wake of devastating breaches because boards often consider the CEO as ultimately responsible for cyber security.

"Breaches are huge financial issues, even existential issues for companies. They are getting bigger and more impactful to the companies being breached,” he said.

Latest stories