"The quick answer is: not that safe," Dr. Michael Sulmeyer, the director of the Cyber Security Initiative at Harvard's John F. Kennedy School of Government's Belfer Center, told CBS Boston.
He said Ashley Madison's clients know now the truth of the web: Everything is hackable.
"Largely, you should not have an expectation of ultimate security and privacy," Sulmeyer explained, "And operate with the understanding that things can go wrong despite all promises to the contrary."
The group believed to be responsible for the hack claims to have stolen private information from all 37 million Ashley Madison users. On Tuesday the personal details of two subscribers leaked. One man is from Canada, the other from Brockton, Massachusetts.
What was revealed is intensely personal. Among the data released about the Brockton client of Ashley Madison: His user ID is "Heavy73;″ he listed himself as "married/attached;" he joined the site the day after Valentine's Day, 2014; he likes "cuddling & hugging" and is into "discretion & secrecy."
Sulmeyer said highly motivated hackers can be determined to get into sites like this, looking for intimate or embarrassing details.
On any such site, he said, users can and should change their passwords often.
"Even with that you should not believe that you have total privacy. And if you are really one who wants total privacy then you should not probably be getting on websites like this," Sulmeyer said.