Ashley Madison agrees to an $11.2 Million settlement for a 2015 massive data breach

Share this…

Dating site for cheaters Ashley Madison has agreed to an $11.2 Million settlement for roughly 37 million users affected by the 2015 massive data breach.

Dating site for cheaters Ashley Madison has agreed to an $11.2 Million settlement for roughly 37 million users whose personal details were exposed in a massive data breach in 2015.

The site was hacked in July 2015 and crooks dumped roughly 100 GB worth of sensitive data belonging to 37 million users.

Leaked data includes usernames, first and last names, email addresses, passwords, credit card data information, street names, phone numbers, and transactions records.

The data leak led to blackmails and even some suicides.

Ashley Madison and the sibling website “Established Men” are now part of a Canadian outfit called Ruby Corp which last Friday announced the settlement with a group of users.

“Ruby Corp. and Ruby Life Inc. (ruby), and a proposed class of plaintiffs, co-led by Dowd & Dowd, P.C., The Driscoll Firm, P.C., and Heninger Garrison Davis, LLC, have reached a proposed settlement agreement resolving the class action lawsuits that were filed beginning July 2015 following a data breach of ruby’s computer network and subsequent release of certain personal information of customers of Ashley Madison, an online dating website owned and operated by Ruby Life Inc. (formerly Avid Dating Life Inc.)” states the announcement.

Since the data breach July 2015, Ruby improved the cyber security of its system through the implementation of numerous countermeasures.

The company also agreed to 20 years’ worth of the FTC overseeing its network security to ensure data protection. Security measures include:

  • Performing a risk assessment to protect customer data.
  • Implementing new data security protocols.
  • Upgrading systems based on the assessments.
  • Offering periodic security risk assessment (both internal and third-party).
  • Requiring “reasonable safeguards” against any potential cyber attacks from their service providers.

“If the proposed settlement agreement is approved by the Court, ruby will contribute a total of $11.2 million USD to a settlement fund, which will provide, among other things, payments to settlement class members who submit valid claims for alleged losses resulting from the data breach and alleged misrepresentations as described further in the proposed settlement agreement.” continues the announcement.

Watch out! Ruby warns that only “Valid claims” will be refunded, attackers may have intentionally inserted fake records in the database in order to be compensated after the disclosure of the incident.

“Therefore, ruby wishes to clarify that merely because a person’s name or other information appears to have been released in the data breach does not mean that person actually was a member of Ashley Madison.” continues Ruby.

Source:https://securityaffairs.co/wordpress/61081/data-breach/ashley-madison-11-2-million-settlement.html