Ashley Madison Reaches Proposed Settlement with Exposed Users

Ashley Madison Reaches Proposed Settlement with Exposed Users

Ashley Madison, the online ‘dating’ website for married people looking to have an affair, has a proposed settlement worth $11.2m with users exposed in the huge data breach it suffered back in 2015.

Hackers had stolen 37 million records of customers, which apparently included “all the customers’ secret sexual fantasies and matching credit card transactions.” The hackers, who called themselves 'The Impact Team', said they planned to release real names, profiles, nude photos, credit card details and “secret sexual fantasies” unless the site was shut down.

As Ashley Madison’s Canadian owners, named Avid Life, did not close the website, the hackers made good on that threat – releasing 100 GB worth of sensitive data of those who used the website onto the dark web.

The data included usernames, first and last names, email addresses, passwords, credit card data, street names, phone numbers and transactions records. It led to several reports of blackmails and even suicide.

Avid Dating Life has since renamed itself Ruby Life, and it has reached a settlement with a Dowd & Dowd, P.C, The Driscoll Firm, P.C., and Heninger Garrison Davis, LLC, who have led the plaintiffs’ case.

“The lawsuits, alleging inadequate data security practices and misrepresentations regarding Ashley Madison, have been consolidated in a multi-district litigation pending in the United States District Court for the Eastern District of Missouri,” a press release confirming the information said.

“If the proposed settlement agreement is approved by the court, Ruby will contribute a total of $11.2 million to a settlement fund, which will provide, among other things, payments to settlement class members who submit valid claims for alleged losses resulting from the data breach and alleged misrepresentations as described further in the proposed settlement agreement,” it goes on to state.

The release suggested that Ruby “denies any wrongdoing”, but states that the parties have agreed to the proposed settlement in order to avoid uncertainty, expense and inconvenience associated with continued litigation.

According to the proposed settlement, the company will compensate individuals who were users of the site at the time of the breach, as long as they submit valid claims for alleged losses resulting from the data breach as well as any alleged misrepresentations.

The data breach had cost the company at least a quarter of its revenue, as well as the millions of dollars it had to spend on boosting its privacy and security. It also had to pay $1.66m to settle charges from the Federal Trade Commission (FTC) and 13 states, who alleged that the company misled its users about its privacy policy and did not do enough to protect their information.

However, despite the hackers’ attempts to close the website down, it still exists today. The website suggests that Ashley Madison has more than 52 million members.

Source: Information Security Magazine