JACKSON, MS (WLOX) - The owners of AshleyMadison.com have agreed to a $1.7 million settlement with the federal government and 13 states, including Mississippi.
The dating website, which caters to married people looking to have an affair, was targeted by hackers in July 2015. Information from millions of users, including photos, usernames, email addresses, and communications with other users was posted publicly online.
In the wake of the security breach, it was discovered that the website had created thousands of fake user profiles, misrepresented the strength of its security, and sold a "Full Delete" option which it did not carry out in all instances.
In the settlement, the company agreed to end certain deceptive practices, to not create fake profiles, and to implement a stronger data security program.
"This breach should remind everyone to be careful about his or her online activity, because there's always a chance that hackers will obtain their personal information," Mississippi Attorney General Hood said. "I will not condone the actions of those who used this site nor the owners who provided a means for the destruction of marriages and the break-up of families. However, like every business, the owners of the site had an obligation to ensure that user information was secure, so they failed in their legal responsibility as well."
Hood said Mississippi's share of the settlement is $52,489.05. The company demonstrated through financial documentation that they were unable to pay a larger amount. But Hood said if information changes, they could be ordered to pay an additional $17 million to the parties involved.
Attorney General Hood said his office's Cybersecurity Guide could be helpful to small businesses, corporations and government agencies. The guide includes an overview of potential cybersecurity threats to businesses, suggestions for a response to those threats and for actions following a data breach or hacking incident.
Download a copy of the guide here: http://www.ago.state.ms.us/wp-content/uploads/2015/10/Cybersecurity-Guide1.pdf