YNOT
  • Home
  • Industry News
    • Adult Business News
    • Adult Novelty News
    • YNOT Magazine
    • EU News
    • Opinions
    • Picture Galleries
  • PR Wire
    • Adult Company News
    • Adult Retail News
    • Adult Talent News
    • Adult Videos News
  • Podcasts
  • Industry Guides
    • Adult Affiliate Guide
    • Affiliate Marketing for Beginners
    • Top Adult Traffic Networks
    • Top Adult PR Agents
    • Funding an Adult Business
  • Business Directory
    • View Categories
    • View Listings
    • Submit Listing
  • Newsletters
  • Industry Events
    • Events Calendar
    • YNOT Cam Awards | Hollywood
    • YNOT Awards | Prague
    • YNOT Cammunity
    • YNOT Summit
    • YNOT Reunion
  • Login with YNOT ID

FTC: AshleyMadison to Pay $1.6m in Data Breach Suit

Posted On 15 Dec 2016
By : Sue Denim

WASHINGTON – Ruby Corp. (formerly Avid Life Media), the Toronto-based operator of AshleyMadison.com, has agreed to pay $1.6 million to settle U.S. Federal Trade Commission and state charges of consumer deception and failure to protect data in relation to a massive July 2015 breach that exposed 36 million users’ account and profile information.

Canadian and Australian officials assisted in the investigation. At the time, the site had members from more than 46 countries.

The settlement also requires Ruby Corp. to implement a comprehensive data-security program, including third-party assessments.

“This case represents one of the largest data breaches the FTC has investigated to date, [impacting] 36 million individuals worldwide,” said FTC Chairwoman Edith Ramirez. “The global settlement requires AshleyMadison.com to implement a range of more robust data security practices that will better protect its users’ personal information from criminal hackers going forward.”

According to the FTC complaint, until August 2014, operators of the site lured customers with fake female profiles (often called “bots”) designed to convert those who used the site for free into paying members. Only users who paid for access could use all of the site’s features, such as sending messages, chatting online in real time and sending virtual gifts. Nineteen million Americans were among the individuals caught up in the bot scam, court documents indicate.

“Creating fake profiles and selling services that are not delivered is unacceptable behavior for any dating website,” said Vermont Attorney General William H. Sorrell, speaking for one of the states involved in the action.

The FTC complaint also charged the defendants assured users their personal information — including date of birth, relationship status and sexual preferences — was private and securely protected. However, the FTC alleged, the security at AshleyMadison.com was lax.

According to the complaint, the defendants had no written information security policy, no reasonable access controls, inadequate security training for employees, no knowledge of whether third-party service providers were using reasonable security measures, and no measures to monitor the effectiveness of system security.

Intruders accessed AshleyMadison.com’s servers several times between November 2014 and June 2015, but due to lax data-security practices, the defendants did not discover the intrusions, the FTC and its extra-territorial collaborators allege.

“In the digital age, privacy issues can impact millions of people around the world,” said Commissioner Daniel Therrien of the Office of the Privacy Commissioner of Canada. “It’s imperative that regulators work together across borders to ensure the privacy rights of individuals are respected no matter where they live.”

In August 2015, about one month after the data breach received major international news coverage, the AshleyMadison.com hackers published online sensitive profile, account security and billing information for more than 36 million AshleyMadison.com users. According to the complaint, this included information the defendants had retained on users who had paid $19 for a “Full Delete” service AshleyMadison.com assured would remove their data from the site network thoroughly and permanently.

The complaint charged AshleyMadison.com’s operators intentionally misrepresented 1) that they had taken reasonable steps to ensure website was secure (it wasn’t), 2) that they had received a “Trusted Security Award” (that doesn’t exist) and 3) that they would delete all of the information belonging to consumers who utilized the Full Delete service (they didn’t). The complaint also charged the defendants with misrepresenting that communications received by members were from actual women when in fact they were from “fake engager” profiles.

Finally, the FTC alleged defendants engaged in unfair security practices by failing to take reasonable steps to prevent unauthorized access to personal information on their network, causing substantial consumer harm.

In addition to the provisions prohibiting the alleged misrepresentations and requiring a comprehensive security program, the proposed federal court order imposes an $8.75 million judgment that will be partially suspended upon payment of $828,500 to the FTC. If the defendants are later found to have misrepresented their financial condition, the full amount immediately will become due. An additional $828,500 will be paid to the 13 states that participated in the action and the District of Columbia.

The FTC worked with Alaska, Arkansas, Hawaii, Louisiana, Maryland, Mississippi, Nebraska, New York, North Dakota, Oregon, Rhode Island, Tennessee and Vermont, plus the District of Columbia, to secure the settlement, which lists as defendants Ruby Corp; Ruby Life Inc., doing business as AshleyMadison.com and formerly known as Avid Dating Life Inc.; and ADL Media Inc.

In addition, the Office of the Privacy Commissioner of Canada and the Office of the Australian Information Commissioner reached their own settlements with the company.

The settlement will not become final until it is signed by a judge for the U.S. District Court for the District of Columbia. Potential class-action lawsuits are not affected by the FTC action.

 

About the Author
A red-headed Texan with the temperament to match, Sue Denim is an award-winning journalist and all-around troublemaker.
  • google-share
Previous Story

Flirt Rewards Brings Loyalty Programs to Adult

Next Story

Ask a Porn Star: What if You Were President?

Leave a Reply Cancel reply

You must be logged in to post a comment.

Sponsor

YNOT Shoot Me

YNOTShootMe.com has exclusive pics from adult industry business events. Check it out!

YNOT Directory

  • ClickAdu Network
    Mobile Ad Networks
  • M Bill
    Alternative Online Billing
  • Electric Distro
  • Premiere Listing

    PayOut Magazine

    More Details

RECENT

POPULAR

COMMENTS

Kiki Cali Makes a Porn in Sluts Around Town

Posted On 20 Jun 2025

It’s a Rookie Match-Up on Evolved Fights Lez

Posted On 20 Jun 2025

Connie Perignon Heats Up Brazzers in ‘Nice Rack! Let’s Fuck’

Posted On 20 Jun 2025

Vanessa, Meet Vivid

Posted On 29 Sep 2014
Laila Mickelwaite and Exodus Cry

Laila Mickelwaite, Exodus Cry and their Crusade Against Porn

Posted On 03 May 2021

Sex Toy Collective Dildo Sculptor

Posted On 19 Mar 2019

Find a good sex toy is now a problem,...

Posted On 18 Mar 2024

Thanks to the variety of sex toys, I can...

Posted On 02 Feb 2024

I understand the concerns about...

Posted On 05 Jan 2024

Sponsor

Sitemap
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.OkPrivacy Policy