Extra-marital affairs website Ashley Madison which was hacked and its parent company are being sued in the US over its alleged careless handling of sensitive data. The new lawsuit, which seeks class action status, comes as the company faces a number of legal hurdles in its home country Canada.
The latest lawsuit brought by a man, identified only as John Doe, in the US District Court in Los Angeles, accuses Ashley Madison and its parent company of failing to adequately protect clients' personal and financial information from theft, Reuters reported. Doe also claimed he suffered emotional distress and is seeking unspecified damages.
The US lawsuit claims that the data breach would not have happened if the company had taken "necessary and reasonable precautions to protect its users' information, by, for example, encrypting the data".
The hacking of Ashley Madison and its parent company Avid Life Media has affected more than 37 million site users. The operation has also led to the dumping of the alleged source code of the company's products onto the dark web. The hackers, who identified themselves as the Impact Team, first released snippets of the data back in July, followed by 10GB of customer information and 20GB of internal data.
The hackers claim that they accessed all customer information databases, complete source code repositories, financial records, documentation and emails. Email addresses for US government officials, UK civil servants and high-level executives at European and North America corporations are said to be included in the data dumped online.
A class action lawsuit was filed in Canada against Avid Life Media for the breach of its customers' private information, and more lawsuits are expected. The Canadian lawsuit seeks some $578m (£368m, €503m) in damages.
The company is also facing a case in Missouri, where lawyers have filed a class-action lawsuit in July, seeking more than $5m in damages.