Nearly a year after a hack that exposed the private sex lives of millions of users, the infidelity dating website Ashley Madison is hoping to revive its credibility (and, we assume, revenues). In an apparent mea culpa, newly-installed executives at parent company Avid Life Media have revealed to Reuters previously undisclosed details about Ashley Madison's rampant fembot problem, as well as that the company is currently the subject of a U.S. Federal Trade Commission investigation.
After Ashley Madison was hacked last summer, exposing embarrassing internal company documents alongside information outing millions of members as potential cheaters, reporters dug into the documents looking for noteworthy users. But Annalee Newitz of Gizmodo discovered something else about many of the people on the site: they were fake users, or as she termed them, fembots.
Ashley Madison is now coming clean about its fake users, furnishing a report the company commissioned to look into the issue. From Reuters:
An Ernst & Young report commissioned by Avid and shared with Reuters confirmed that Avid used computer programs, dubbed fembots, that impersonated real women, striking up conversations with paying male customers.
Avid shut down the fake profiles in the United States, Canada and Australia in 2014, and by late 2015 in the rest of the world, but some U.S. users had message exchanges with foreign fembots until late in 2015, according to the report.
The executives said that the site's current male-to-female ration is five-to-one.
"We are profoundly sorry," Avid Life Media CEO Robert Segal told Reuters, apologizing for the hack. He added that the company could have spent more on security in an effort to prevent the breach in the first place. (Interestingly, while Ashley Madison is coming clean, its former CEO seems to be doing everything he can to try to make the hack just disappear.)
As for why the FTC is investigating the site, the executives said they didn't know. The FTC, though, often investigates companies for "deceptive" practices. In 2014, the FTC investigated and reached a $616,165 settlement with another dating site for using fake dating profiles to lure users. But fembots were not the only troubling thing exposed in the hack.
The hack revealed that the top-notch security the site bragged about on its homepage wasn't top-notch at all—Avid Life Media even stored user passwords without bothering to encrypt them. Additionally, Ashley Madison had offered users an option to have their accounts completely deleted if they paid a premium, but the hack revealed that the company had kept many of those users' details on record, meaning that they were exposed with the rest of the site's users.
Neither the FTC nor Avid Life Media responded to Fusion's request for comment.
The FTC investigation is not the site's only post-hack trouble. Avid Life Media has faced a rush of John Doe lawsuits after the hack. But Ashley Madison is fighting hard to protect and restore its tarnished reputation. A judge in one of the biggest lawsuits has already ruled in the company's favor on two pre-trial motions, ruling that hacked documents are not allowed in court and that plaintiffs must sue under their real name. The company told Reuters that it is spending millions to improve security and investigation payment options that would do more to protect the privacy of users.
But while a few new hires and beefed-up security protocols may allow Ashley Madison to move on, for the sites exposed users, it might not be so easy.