The B.C. government is reviewing why some employees’ work email addresses are registered on a website facilitating extramarital affairs, in contravention of its policies.
A Times Colonist search of AshleyMadison.com registration data released last week by hackers revealed 14 email addresses associated with the provincial government, one with the City of Victoria, two with the Capital Regional District, six with Camosun College and 167 with the University of Victoria.
Ashley Madison, aimed at those looking for partners outside their marriages, does not verify email accounts. That means addresses in the file could have been entered by someone other than the person associated with it, or be bogus.
The website, operated by Toronto-based Avid Life Media, was the victim of a cyberattack about a month ago and last week the hackers released detailed records of millions of people registered with the website.
“We’re aware of this issue, and we’re looking into it,” said a spokesperson with the Ministry of Technology, Innovation and Citizens’ Services on Thursday. “It’s important we not draw conclusions before we conclude an appropriate review.”
The province confirmed 14 B.C. government addresses were registered. Three belonged to employees in management-level positions; five were inactive and no longer in use.
None belonged to politicians and none originated from inside the B.C. legislature.
“Our primary concern is security at this time,” said a ministry spokesperson. “We want to make sure government email accounts remain secure and that email systems aren’t compromised.”
The B.C. government said it’s unknown whether the authorized users of the email addresses are the same people who registered with Ashley Madison and cautioned that no conclusions should be drawn prior to its review.
The University of Victoria is taking the approach that what happens in the bedroom — as long as it’s legal — is not a matter for the boardroom.
University of Victoria chief information officer Paul Stokes said the university’s acceptable-use policy permits use of university assets for limited personal activities to maintain a work-life balance. Visiting the Ashley Madison site would not contravene that, he said.
“It’s not an illegal activity to visit a dating site and we can’t validate whether … they’re using UVic electronic resources for that purpose,” Stokes said.
The University of Victoria has about 133,000 registered email addresses provided to faculty, current and former staff, students, researchers, special instructors, grad students, visiting scholars, fellows and alumni, Stokes said.
Those addresses may be used from around the world in addition to inside the institution, he said. The university has not reviewed the uvic.ca addresses registered on the site, Stokes said.
Two email addresses associated with the Capital Regional District appear in the released data. The CRD has no information on how many of its email addresses are registered with the site or if they are authentic.
CRD chairman Nils Jensen said the Ashley Madison website is blocked on the district’s computers and has been since its inception.
“It’s not possible to access this site from a CRD computer because we have a security system that blocks this site and sites similar to it,” Jensen said.
He said using CRD email addresses to send or receive from sites such as Ashley Madison “would be considered contrary to our policy as inappropriate use of emails.”
