The Ashley Madison adultery website will pay $11.2 million to settle a class-action lawsuit filed after the dating site was hacked in July 2015, exposing data of millions of users, its owner said Friday. The lawsuit was brought on behalf of roughly 37 million users, which also included some celebrities.
Ashley Madison is a website dedicated to facilitating affairs between consenting adults, allowing a safe place for those who discretely search for a partner. Its slogan is “Life is short, have an affair.” The data theft leaked users' email address, names, home addresses, credit card details and sexual fantasies.
According to the documents, obtained by TMZ, users with valid claims can claim compensation up to $3,500. The amount that will not be claimed would be donated to charity. The proposed preliminary settlement, however, requires the approval of a federal court in the city of St Louis.
Layn Phillips, a former federal judge who mediated the settlement, said in the accord offered “a valuable recovery for the class in the face of many obstacles,” including the company's preference that victims independently negotiate their claims. He made it clear the victims have to directly get in touch with the company and ask for the settlement.
Last year, Ruby Corp, formerly known as Avid Life Media Inc, agreed to pay $1.66 million to settle a probe by the Federal Trade Commission and several states into "data security and deceptive practices." The massive hack resulted in Ruby losing more than a quarter of its revenue. Following the hack, the owner spent millions of dollars on cyber security.
Some of the big names that were exposed in the data leak included former “19 Kids and Counting” star Josh Duggar, YouTube celebrity Sam Radar, Florida State Attorney Jeff Ashton, Louisiana GOP official Jason Doré, among others.
Here's a timeline of the Ashely Madison hack.
- July 12, 2015: Ashley Madison operations team faced security issues.
- July 13, 2015: An Ashley Madison customer service representative finds a message from hackers threatening to release stolen data.
- July 15, 2015: Security blogger Brian Krebs breaks the Ashley Madison hack story, saying a group of hackers, known as "The Impact Team," published approximately 40MB of sensitive data stolen from Avid Life Media (ALM), the company that owns the dating site.
- July 19, 2015: Ashley Madison hackers publish a warning message and lengthy hack Manifesto on Pastebin.com. In the message, the hackers gave the site 30 days to shut down its operation.
- July 20, 2015: The company issued statements acknowledging the Ashley Madison hack and announcing a joint investigation with cyber security law enforcement hack experts, including the Royal Canadian Mounted Police, the Ontario Provincial Police, Toronto Police Services and the FBI.
- Aug. 18, 2015: The Ashley Madison hackers leaked the first list of data saying Ashley Madison was not shut down despite warnings.
- Aug. 18 and 19, 2015: The data dump was confirmed by experts.
- Aug. 20, 2015: A second list of Ashley Madison data was leaked.
- Aug. 21, 2015: In an interview, the Ashley Madison hackers claimed to have stolen more than 300GB of information from the website.
- Aug. 23, 2015: The hackers continue to dump more data, compromising user details.
- Aug. 24, 2015: A Canadian Class Action Lawsuit is filed against Ashley Madison.
- Aug. 24, 2015: After the lawsuit was filed, the dating site offered a $500,000 bounty for information leading to the arrest of the Ashley Madison hackers.
- Aug. 28, 2015: The then-CEO of Ashley Madison, Noel Biderman, resigned.
- September 2015: Ashley Madison starts a full-scale hack remediation program to improve the security of the website.
- April 11, 2016: Avid Life Media appoints a new CEO Rob Segal and President James Millership.
- July 5, 2016: Avid Life Media rebrands as Ruby Corp.