Two Canadian law firms have filed a CAN$757m (€511.3m) lawsuit against the companies that run Ashley Madison after a hacker group’s data breach exposed some 39 million memberships of the adultery website.
Charney Lawyers and Sutts, Strosberg, both of Ontario, said they filed the class-action lawsuit on behalf of Canadians who subscribed to Ashley Madison and whose personal information was disclosed to the public.
The website, with its slogan “Life is short. Have an affair” is marketed to facilitate extramarital relationships.
The lawsuit, filed on Thursday in the Ontario Superior Court of Justice, targets Avid Dating Life and Avid Life Media, the Toronto-based companies that run AshleyMadison.com. Its class-action status “still needs to be certified by the court,” the statement says.
Ashley Madison did not respond to requests for comment.
It has said that the personal details exposed in the initial data leak can’t be used to prove the infidelity of their clients.
The plaintiff is Eliot Shore, an Ottawa widower. He said he joined the website for a short time in search of companionship after he lost his wife to breast cancer. He said he never cheated and never met up with any members of the site.
Lawyer Ted Charney told The Associated Press it is the first class-action suit filed against the companies in Canada.
In the US, Missouri lawyers have filed a class-action lawsuit in US District Court seeking more than US$5m (€4.42m) in damages.
Lawyers filed a statement of claim late last month on behalf of an unnamed female plaintiff who said she spent $19 so Ashley Madison would purge her personal information from its website in a process called a “paid-delete”.
The new lawsuit argues the privacy of Canadian members was breached in July when hackers infiltrated Ashley Madison’s website and downloaded private information.
The data breach includes users’ personal names, emails, home addresses and message history. On Tuesday, the information was posted publicly online.
The law firms’ statement said numerous former users of the website have approached them to inquire about their privacy rights under Canadian law.
Mr Charney said: “They are outraged that AshleyMadison.com failed to protect its users’ information.
“In many cases, the users paid an additional fee for the website to remove all of their user data, only to discover that the information was left intact and exposed.
“The sensitivity of the information is so extreme and the repercussions of this breach are so extreme, it puts the damages faced by members in a completely different category of class-action suits.”
The law firms said the lawsuit is not being brought against the hackers, who have said they attacked the website in an effort to close it down as punishment for collecting a fee without actually deleting users’ data.
There are hundreds of email addresses in the data release that appear to be connected to federal, provincial and municipal workers across Canada, as well as to the Royal Canadian Mounted Police and the military.
According to the data breach, some of the website’s customers made credit-card transactions from computers attached to the department of national defence (DND) and Canada’s House of Commons.
The data, stored in more than 2,500 files, involved transactions spanning from March 2008 to several days in June of this year.
A DND spokeswoman said the department “has policies and practices in place to deter, detect and enforce unauthorised and prohibited computer use”.
The credit-card information of US government workers, some with sensitive jobs in the White House, Congress and the justice department, was also revealed in the data breach.