Ashley Madison reaches US$11.2M settlement over security breach lawsuit
A man looks at the Ashley Madison website in this photo illustration in Toronto on Thursday, August 20, 2015. THE CANADIAN PRESS/Graeme Roy
Paola Loriggio, The Canadian Press
Published Monday, July 17, 2017 4:24PM EDT
Last Updated Monday, July 17, 2017 4:53PM EDT
The Toronto-based parent company of the infidelity dating site Ashley Madison says it has reached a US$11.2-million settlement in American class-action lawsuits stemming from a massive security breach two years ago.
Ruby Corp., which was previously known as Avid Life Media, says the proposed settlement must first be approved by the United States District Court for the Eastern District of Missouri, where the lawsuits have been consolidated.
The lawsuits came after a cyberattack that exposed the personal dealings and financial information of millions of purported clients.
They allege Ashley Madison misled consumers about its security measures and had inadequate safeguards in place.
The company says it denies wrongdoing but agreed to settle to "avoid the uncertainty, expense, and inconvenience associated with continued litigation."
It says more information about the settlement and claims process will be released if the proposed deal is approved.
Late last year, the company said it has paid more than US$1.6 million in settlements related to an investigation led by the U.S. Federal Trade Commission, with half the money going to the FTC and half to the states participating in the probe.
As part of that agreement, Ruby Corp. vowed to maintain a comprehensive information security program and "refrain from past business practices that may have allegedly been misleading to consumers."
But in that case as well, the company stressed that it neither admitted nor denied the allegations made by the FTC and the various state attorneys general.
Investigations by privacy officials in Canada and Australia concluded last year and found Ashley Madison had inadequate security safeguards and policies when it was targeted by hackers.
Before the hack put Ashley Madison under international scrutiny, the company was dogged by allegations that it resorted to fake profiles of women or so-called bots to lure unsuspecting male customers.
The company maintained the accusations were false but said last year that a report found the bots were still active in some parts of the world until late 2015.