Ashley Madison settles with the FTC over online dating hack

More than a year after its total privacy meltdown, Ashley Madison will settle up. After news emerged that the company was subject to an investigation by the Federal Trade Commission, the company now faces a $17.5 million settlement as a result of the multi-state investigation.

Lucky for Ruby Corp., the online dating service’s rebranded parent company, it will only pay only $1.66 million outright, with the remaining costs tabled due to its inability to pay in full.

According to the New York Attorney General’s office:

“The settlement includes an immediate payment of $1,657,000 divided amongst the states and the Federal Trade Commission, of which New York will receive $81,330.94. The remainder of the $17.5 million payment is suspended based on ruby Corp.’s inability to pay. Up to 652,627 New York residents were members of Ashley Madison at the time of the security breach.”

The FTC charges allege that Ashley Madison misled its subscribers and did not adequately protect users from a security breach that exposed the private data of at least 36 million people across the globe.

“Creating fake profiles and selling services that are not delivered is unacceptable behavior for any dating website,” Vermont Attorney General William H. Sorrell said in the FTC release. A collection of 13 states and the District of Columbia worked with the commission on the case. Due to Ashley Madison’s global user base, the FTC also cooperated with the Office of the Privacy Commissioner of Canada and the Office of the Australian Information Commissioner in the investigation.

“This case represents one of the largest data breaches that the FTC has investigated to date, implicating 36 million individuals worldwide,” FTC Chairwoman Edith Ramirez said. Ramirez led a conference call on the settlement Wednesday afternoon.

In addition to the settlement payment, Ashley Madison will be forced to fully overhaul its privacy practices as a result of the investigation.