Toronto-based Ashley Madison, which has been under investigation for a breach in its data management system that saw 36 million account details published online, will only have to pay $1.6 million USD of a $17.5 million settlement to the US Federal Trade Commission.
According to The Guardian, the rest of the settlement was suspended due to parent company Ruby Corp being unable to pay.
“I recognise that it was a far lower number frankly than I would have liked,” said Federal Trade Commission chairwoman Edith Ramirez. “We want them to feel the pain. We don’t want them to profit from unlawful conduct. At the same time, we are not going to seek to put a company out of business.”
Due to the lower settlement number, Ashley Madison customers affected by the breach won’t receive any financial compensation. Class action lawsuits are still pending.
“The company is stable. We’re very pleased with the outcome,” said Rob Segal, who took over as CEO earlier this year. Founder Noel Biderman left the company soon after the leak.
In August, the Privacy Commissioner of Canada and the Office of the Australian Information Commissioner ran a joint investion on Avid Life Media (Ruby Corp’s former name). The investigation found that there were inadequate authentication processes for employees accessing the company’s system remotely, poor key and password management practices, and poor encryption processes.