AshleyMadison.com Owner Agrees to Pay $1.6M to Settle U.S. Probe

AshleyMadison.com Owner Agrees to Pay $1.6M to Settle U.S. Probe

WASHINGTON — Ruby Life Inc., the operator of the Toronto-based AshleyMadison.com dating site, has agreed to settle with FTC and state charges that the company deceived consumers and failed to protect 36 million users’ account and profile information in relation to a massive July 2015 data breach of its network.

The settlement requires Ruby Life, formerly known as Avid Life Media Inc., to implement a comprehensive data-security program, including third-party assessments.

In addition, the operators will pay a total of $1.6 million to settle FTC and state actions.

“This case represents one of the largest data breaches that the FTC has investigated to date, implicating 36 million individuals worldwide,” FTC chairwoman Edith Ramirez said in a release.

“The global settlement requires AshleyMadison.com to implement a range of more robust data security practices that will better-protect its users’ personal information from criminal hackers going forward.”

According to the FTC complaint, until August 2014, operators of the site lured customers, including 19 million users in the U.S., with fake profiles of women designed to convert them into paid members. Only users who pay to access the site can use all of its features, such as sending messages, chatting online in real time and sending virtual gifts.

Ruby Life, according to the FTC, assured users their personal information such as date of birth, relationship status and sexual preferences was private and securely protected. But the FTC alleges the security of AshleyMadison.com was lax.

According to the complaint, Ruby Life had no written information security policy, no reasonable access controls, inadequate security training of employees, no knowledge of whether third-party service providers were using reasonable security measures, and no measures to monitor the effectiveness of their system security.

Intruders accessed the companies’ networks several times between November 2014 and June 2015, but due to their lax data-security practices, the defendants did not discover the intrusions, the agency has alleged.

On July 12, 2015, the companies’ network experienced a major data breach that received significant media coverage. In August of 2015, the hackers published sensitive profile, account security, and billing information for more than 36 million AshleyMadison.com users.

The hack spawned scored of new sites that allowed users to search the massive list of users by simply plugging in an email. The FTC said this likely opened up users to “extortion, fraud, disclosure of sensitive, personal information and other harm.”

According to the complaint, this included information that the defendants had retained on users who had paid $19 for a “full delete” service to purportedly remove their data from the site network.

The complaint charged Ruby Life misrepresented that they had taken reasonable steps to ensure AshleyMadison.com was secure, that they had received a “Trusted Security Award” and that they would delete all of the information of consumers who utilized their Full Delete service.

The complaint also charged the defendants with misrepresenting that communications received by members were from actual women when in fact they were from fake engager profiles.

The FTC finally alleged that defendants engaged in unfair security practices by failing to take reasonable steps to prevent unauthorized access to personal information on their network, causing substantial consumer harm.

In addition to the provisions prohibiting the alleged misrepresentations and requiring a comprehensive security program, the proposed federal court order imposes an $8.75 million judgment which will be partially suspended upon payment of $828,500 to the FTC.

If Ruby Life is later found to have misrepresented its financial condition, the full amount will immediately become due. An additional $828,500 will be paid to the 13 states and the District of Columbia.

The FTC worked with a coalition of 13 states — Alaska, Arkansas, Hawaii, Louisiana, Maryland, Mississippi, Nebraska, New York, North Dakota, Oregon, Rhode Island, Tennessee, and Vermont — and the District of Columbia to secure a settlement against Ruby Life and affiliated companies Ruby Corp. and Avid Dating Life Inc.

The agency also worked with the Canadian and Australian governments in the case.

The FTC filed the complaint and final order in the U.S. District Court for the District of Columbia.

Related:  

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

UPDATED: Supreme Court Rules Against Adult Industry in Pivotal Texas AV Case

The U.S. Supreme Court on Friday issued its decision in Free Speech Coalition v. Paxton, striking a blow against the online adult industry by ruling in support of Texas’ controversial age verification law, HB 1181.

North Carolina Passes Extreme Bill Targeting Adult Sites

The North Carolina state legislature this week ratified a bill that would impose new regulations that industry observers have warned could push adult websites and platforms to ban most adult creators and content.

Supreme Court Ruling Due Friday in FSC v. Paxton AV Case

The U.S. Supreme Court will rule on Friday in Free Speech Coalition v. Paxton, the adult industry trade association's challenge to Texas’ controversial age verification law, HB 1181.

Ofcom: More Porn Providers Commit to Age Assurance Measures

A number of adult content providers operating in the U.K. have confirmed that they plan to introduce age checks in compliance with the Online Safety Act by the July 25 deadline, according to U.K. media regulator Ofcom.

Aylo Says It Will Comply With UK Age Assurance Requirements

Tech and media company Aylo, which owns various adult properties including Pornhub, YouPorn and Redtube, plans to introduce age assurance methods in the United Kingdom that satisfy government rules under the Online Safety Act, the company has announced.

Kyrgyzstan Parliament Approves Measure Outlawing Internet Porn

The Supreme Council of Kyrgyzstan on Wednesday passed legislation outlawing online adult content in the country.

Trial Set for Lawsuit by U Wisconsin Professor Fired Over Adult Content

A trial date of June 22, 2026, has been set for the civil lawsuit filed by veteran communications professor Joe Gow against the University of Wisconsin board of regents, which fired him for creating and appearing in adult content.

New UK Task Force Meets to Target Adult Content

The architect of an influential report that recommended banning adult content deemed “degrading, violent and misogynistic” has convened an “Independent Pornography Review task force” aimed at translating that report’s findings into action in the U.K.

11:11 Creations Launches Affiliate Program

11:11 Creations principal Alicia Silver has launched 11:11 Cash for creators and affiliates.

Pineapple Support, Pornhub to Host 'Self Love' Support Group

Pineapple Support and Pornhub are hosting a free online support group for performers to develop self-love.

Show More