The 2015 data breach at AshleyMadison.com, which caused widespread embarrassment and perhaps even some marital stress, is the subject of a $1.6 million settlement.
The Toronto-based company, which at the time had the marketing slogan “life is short, have an affair,” has agreed to a settlement with the U.S. Federal Trade Commission and 13 states. The agreement also requires the company to establish a comprehensive data-security program.
The federal and state governments charged Ashley Madison deceived consumers and failed to protect their account and profile information. That data was hacked and published online in July 2015.
“This case represents one of the largest data breaches that the FTC has investigated to date, implicating 36 million individuals worldwide,” said FTC Chairwoman Edith Ramirez. “The global settlement requires AshleyMadison.com to implement a range of more robust data security practices that will better-protect its users’ personal information from criminal hackers going forward.”
Attackers wanted site taken down
At the time of the 2015 data breach, the hackers demanded that the Ashley Madison site be taken down. The group, identified as The Impact Team, said it was not offended that the site promotes adultery, but rather it claimed the company lied to its customers. The hackers said Ashley Madison offered to “fully delete” members' profiles for a $19 fee, but the information, they said, was not removed.
The states and the FTC got involved after it was charged that most of the female profiles on the site were made up, and placed there only to draw male members. The purpose of the site was to match people who wanted to have affairs.
“Creating fake profiles and selling services that are not delivered is unacceptable behavior for any dating website,” said Vermont Attorney General William H. Sorrell, “I was pleased to see the FTC and the state attorneys general working together in such a productive and cooperative manner. Vermont has a long history of such cooperation, and it’s great to see that continuing.”
A year after the data breach, Ashley Madison announced a reset. Among the changes it announced at the time, Ashley Madison said it would no longer be just a dating site for married people looking to cheat, but will also be a site for “the open-minded dating community.” It says it is now trying to appeal to a wider group of people seeking relationships.