The parent company of the adultery dating site Ashley Madison will pay $1.6 million in settlements to the U.S. resulting from a Federal Trade Commission probe into a massive breach of the company’s computer systems and the outing of millions of its members. Hackers penetrated company’s systems and then posted the information onlineafter the company didn’t comply with their demands to shut down Ashley Madison. New York state Attorney General Eric Schneiderman said Wednesday that reckless disregard for data security will not be tolerated. The investigation yielded poor data security practices and the company made several alleged misrepresentations, including a “Trusted Security Award” that appears to have been fabricated.
The FTC also found Ashley Madison created fake female profiles to attract male users. It used portions of the profile photographs of actual users who had not had account activity within the previous year as the photographs in the fake profiles that it created. The website had a saying: “Life is short. Have an affair” is marketed to people looking for extramarital relationships. It once purported to have about 39 million members.
Husbands and wives extramarital affairs were posted on the web after the massive leak. Extortion crimes and unconfirmed reports of suicides resulted. The New York attorney general’s office said the settlement with the company is for $17.5 million but said remainder of the $17.5 million payment is suspended based on ruby Corp.’s inability to pay.
In addition to monetary penalties, the attorney general’s office said ruby Corp. agreed to cease engaging in certain deceptive practices, to not create fake profiles, and to implement a stronger data security program.