[photosinensis]

The biggest problem is that Avid Life Media has done jack squat in response to the data leak. They've not communicated any kind of risk mitigation strategy. They've not allowed users to change their compromised passwords. They've not made any efforts to contact affected users.

This is like a rape victim not only trying to pretend the whole thing didn't happen, but all the while knowing that her attacker had HIV, has good reason to believe she's seroconverted, and is still having unprotected sex with her regular partners without telling them anything.

While the company is a victim here, their actions are themselves criminally wrong.

[rabidonrails]

It's interesting to see AM say nothing and I wonder if this is a well thought out plan. By not confirming the leak (and by practically ignoring it) it leaves their ashamed "users" plausible deniability. So, if your email address showed up on the list, you _could_ deny it as AM never confirmed that it was a real leak.

Just a thought...

[araxhiel]

The analogy of a victim of rape, though crude, is quite right (and left me quite impressed, to be honest).

[DanBC]

The rape analogy is repugnant.

[JacobAldridge]

Yup - 'blaming the victim of a crime' would have been sufficient to make the OP's point, though I know media conversations on the topic are the likely reason why the analogy he chose came to mind.