Ashley Madison’s penalty for exposing its users may surprise you
(WGNO) – In 2015, the online dating site Ashley Madison exposed information from some 36 million accounts, and now they’re paying the price. Well, sort of. Ashley Madison is actually paying about 4 cents per person, according to the Consumerist.
After the 2015 data breech, the Federal Trade Commission unearthed additional allegations.
For example, it became apparent that some of the female profiles on the site weren’t real. These so called “fembots” were used as a way to attract more customers to the site. Additionally, Ashley Madison was not being honest about the premium “full delete” option either – removing 100 percent of a person’s profile, including profile information and photos from the site and from the search.
The FTC claims Ashley Madison was failing at securing data on multiple fronts:
- By not regularly monitoring unsuccessful login attempts
- By failing to secure remote access
- By not revoking passwords for ex-employees of service providers
- By failing to restrict access to systems based on employees’ job functions
- By failing to deploy reasonable controls to identify, detect and prevent the retention of passwords
- By allowing employees to reuse passwords to access multiple servers and services
Ashley Madison’s parent company agreed to settle for $8.75 million. However, claiming financial hardship, the company will pay around $1.65 million of that, or, around 4 cents per exposed account.