January 7, 2016 — Twenty people have joined a lawsuit in Mississippi against Ashley Madison, a dating website for those looking for extramarital affairs.
On December 9, 2015, federal judges issued a transfer order (PDF) to centralized the litigation under U.S. District Judge John A. Ross in a federal Multi-District Litigation (MDL No. 2669) in the Eastern District of Missouri.
All of the lawsuits involve a data breath in July 2015 that resulted in the electronic theft of personally identifiable and financial information on 37 million users — including user names, email addresses, credit-card details, and more.
Hackers published the data online in August 2015 after Avid Life Media (ALM), the parent company of Ashley Madison, refused to take the website offline. Allegations against ALM include:
- Failing to adequately secure users’ personal and financial information
- Marketing a “Full Delete Removal” service that did not actually remove account information from the Ashley Madison database
- Extensively using “bots” and other mechanisms to mimic fake female users to entice male users to make purchases.
Most of the plaintiffs have used fake names like John or Jane Doe, according to the Wall Street Journal. In December, a federal judge ordered a “John Doe” plaintiff to use his real name, arguing that his privacy interests were not significant enough to warrant anonymity. Lawyers for “John Doe” argued that forcing their client to use his real name “would allow others to scrutinize his extremely sensitive personal and financial information.”