$11.2 Million Settlement Reached in Ashley Madison Data Breach
Ruby Corp, Ashley Madison’s parent company, has reached an $11.2 million settlement with plaintiffs over its 2015 data breach. Plaintiffs claimed Ashley Madison had not taken sufficient steps to ensure their data was secure.
The settlement still needs to be approved by the judge, but if it is, Ruby Corp will not admit to wrongdoing but will compensate site users who “submit valid claims for alleged losses resulting from the data breach and alleged misrepresentations.” Individuals can claim up to $3,500, depending on how well they can document their losses.
Ruby Corp, formerly known as Avid Life, said they will also compensate claimants who were not actually members of the website. The statement read, “because a person’s name or other information appears to have been released in the data breach does not mean that person actually was a member of Ashley Madison.”
The website, whose tagline reads, “Life is short, Have an Affair,” was breached by a group calling themselves “hacktivists.” The group, which questioned the ethics of a website that encouraged people to have affairs, posted the user information of up to 37 million Ashley Madison users on the Dark Web.
This is the second large payout the company has made. Last year, they agreed to pay $1.66 million to settle an FTC investigation. Since the breach, the company said it has spent millions on improving its security.