Ashley Madison to pay $1.6M settlement related to data breach
Security

Ashley Madison to pay $1.6M settlement related to data breach

The company behind Ashley Madison, the adultery enabling website, has agreed to pay a US$1.6 million settlement related to a major data breach last year that exposed account details of 36 million users.

Ashley Madison's operator, Toronto-based Ruby, is making the settlement for failing to protect the account information and for creating fake user profiles to lure in prospective customers, the U.S. Federal Trade Commission said on Wednesday.

In July 2015, a hacking group called Impact Team managed to steal the account details and then post them online a month later -- potentially damaging the reputation of the customers using the adultery website.

The FTC alleges the Ashley Madison site suffered from lax security, allowing hackers to break in several times between Nov. 2014 and June 2015. The service also retained personal information of users who had paid $19 to delete their data from the site, the FTC said.

The agency also found that Ashley Madison had managed to attract customers, including 19 million from the U.S., partly through fake profiles of women designed to entice them into becoming paying members.

U.S. investigators initially wanted Ruby to pay $17.5 million in the settlement, but the remaining amount was suspended based on the company’s inability to pay, New York Attorney General Eric Schneiderman said in a statement.

As part of Wednesday’s settlement, Ruby is required to institute a comprehensive data security program to protect customers' information. It must also undergo third-party audits to check for compliance.

Half of the $1.6 million will go the FTC, with the remainder paid to state authorities involved in the investigation.

"Today’s settlement closes an important chapter on the company’s past and reinforces our commitment to operating with integrity," Ruby said in a statement.

However, as part of the settlement, Ruby "neither admits nor denies" the allegations made by the FTC in its investigation.

Earlier this year, privacy officials in Canada and Australia also found that the Ashley Madison website was using deceptive practices to attract customers. This includes marketing itself with a phony security award. 

Ruby, formerly known as Avid Life Media, has apologized for the data breach and is attempting to revamp its operations with better security measures. The Ashley Madison site continues to operate and claims to have 50 million members.

IDG Insider

PREVIOUS ARTICLE

«IBM already planned to hire 25,000 US workers

NEXT ARTICLE

NASA embraces IBM’s Watson for future space, aerospace technology development»
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

Add Your Comment

Recommended for You

silhouette

Everything you need to know about… Tech Careers

IDG Connect tackles the tech stories that matter to you

kathryn-cave

Blockchain For Dummies: What you really need to know

Kathryn Cave looks at the big trends in global tech

martin-veitch-thumbnail

What we know and don’t know about digital transformation

Martin Veitch's inside track on today’s tech trends

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should companies have Bitcoins on hand in preparation for a Ransomware attack?