A federal judge on Friday approved an $11.2 million settlement between the marital infidelity website Ashley Madison and users who sued after hackers released personal information, including financial data and details of their sexual proclivities.
U.S. District Judge John Ross in St. Louis gave preliminary approval to a settlement that was announced last week by Toronto-based Ruby Corp., the parent company of Ashley Madison. Several lawsuits were consolidated in the Eastern District of Missouri.
A final approval hearing is scheduled for Nov. 20.
The lawsuits were filed after hackers outed millions of people who used the website two years ago. The suits said Ashley Madison misled consumers about its security measures and safeguards.
The company denied wrongdoing but said in a statement that it settled to “avoid the uncertainty, expense, and inconvenience associated with continued litigation.”
Ashley Madison is marketed to people seeking extramarital relationships. Its slogan is, “Life is short. Have an affair.” At one time, it purported to have about 39 million members.
Hackers broke into Ashley Madison’s systems in July 2015 and posted the details a month later after the company didn’t comply with their demands to shut down. The release of evidence of infidelity triggered extortion crimes and unconfirmed reports of suicides.
In December, Ruby Corp. agreed to pay $1.6 million in settlements with the U.S. Federal Trade Commission over the data breach. Thirteen states and the District of Columbia joined the FTC in the investigation that found lax data security practices. The investigation also found Ashley Madison created fake female profiles to entice male users.
In addition to monetary penalties to the FTC, Ruby agreed in December to end certain deceptive practices, to not create fake profiles, and to develop a stronger data security program.
The company has said that since the initial hack it has implemented several measures to make customer data more secure.
Source: Associated Press