Menu
Ashley Madison to pay $1.6M settlement related to data breach

Ashley Madison to pay $1.6M settlement related to data breach

The U.S. FTC alleges that the adultery site suffered from lax security measures

The company behind Ashley Madison, the adultery enabling website, has agreed to pay a US$1.6 million settlement related to a major data breach last year that exposed account details of 36 million users.

Ashley Madison's operator, Toronto-based Ruby, is making the settlement for failing to protect the account information and for creating fake user profiles to lure in prospective customers, the U.S. Federal Trade Commission said on Wednesday.

In July 2015, a hacking group called Impact Team managed to steal the account details and then post them online a month later -- potentially damaging the reputation of the customers using the adultery website.

The FTC alleges the Ashley Madison site suffered from lax security, allowing hackers to break in several times between Nov. 2014 and June 2015. The service also retained personal information of users who had paid $19 to delete their data from the site, the FTC said.

The agency also found that Ashley Madison had managed to attract customers, including 19 million from the U.S., partly through fake profiles of women designed to entice them into becoming paying members.

U.S. investigators initially wanted Ruby to pay $17.5 million in the settlement, but the remaining amount was suspended based on the company’s inability to pay, New York Attorney General Eric Schneiderman said in a statement.

As part of Wednesday’s settlement, Ruby is required to institute a comprehensive data security program to protect customers' information. It must also undergo third-party audits to check for compliance.

Half of the $1.6 million will go the FTC, with the remainder paid to state authorities involved in the investigation.

"Today’s settlement closes an important chapter on the company’s past and reinforces our commitment to operating with integrity," Ruby said in a statement.

However, as part of the settlement, Ruby "neither admits nor denies" the allegations made by the FTC in its investigation.

Earlier this year, privacy officials in Canada and Australia also found that the Ashley Madison website was using deceptive practices to attract customers. This includes marketing itself with a phony security award.

Ruby, formerly known as Avid Life Media, has apologized for the data breach and is attempting to revamp its operations with better security measures. The Ashley Madison site continues to operate and claims to have 50 million members.


Follow Us

Join the newsletter!

Error: Please check your email address.

Featured

Slideshows

Looking back at the top 15 M&A deals in NZ during 2017

Looking back at the top 15 M&A deals in NZ during 2017

In 2017, merger and acquisitions fever reached new heights in New Zealand, with a host of big name deals dominating the headlines. Reseller News recaps the most important transactions of the Kiwi channel during the past 12 months.

Looking back at the top 15 M&A deals in NZ during 2017
Kiwi channel closes 2017 with After Hours

Kiwi channel closes 2017 with After Hours

The channel in New Zealand came together to celebrate the close of 2017, as the final After Hours played out in front of a bumper Auckland crowd.

Kiwi channel closes 2017 with After Hours
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP honoured leading partners across the channel at the Partner Awards 2017 in New Zealand, recognising excellence across the entire print and personal systems portfolio.

Meet the top performing HP partners in NZ
Show Comments