DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Ashley Madison users sue Amazon Web Services, GoDaddy, and web site operators

Posted on September 6, 2015 by Dissent

Three John Doe plaintiffs  who were paying customers of AshleyMadison.com have sued Amazon Web Services, GoDaddy, and unnamed John Roe web site owners/operators who created sites allowing people to search for individuals who might be in the database.

In a complaint filed in Arizona federal court, the plaintiffs – one from California, one from New Jersey, and one from Maryland – allege that AWS and GoDaddy hosted stolen data for the other John Roe defendants (the owners/operators of ashleymadisonpowersearch.com, adulterysearch.com, ashleymadisoninvestigations.com, and greyhatpro.com).

All of the John Roe sites allegedly attempted to monetize use of the stolen data.

The complaint alleges, for all defendants (ISP and web site owners/operators):

  • violation of California Penal Code §496 (Receipt of stolen property)
  • violation of California Business & Professions Code §17200 (Unfair competition)
  • Negligent Infliction of Emotional Distress
  • Violation of the Computer Fraud and Abuse Act, 18 U.S.C. § 1030

And additionally, for John Roe web site owner/operators:

  • Intentional Infliction of Emotional Distress

The plaintiffs are represented by Kronenberger Rosenfeld, LLP, a San Francisco law firm. The plaintiffs seek $3 million and a jury trial.

But here’s the thing: do the plaintiffs have standing?  Yes, information about them may have been stolen and sites may have then used that stolen information, but do they have standing to sue the defendants for receipt of stolen property when it wasn’t their property that was stolen?  Do they have standing to make any CFAA claims if it was not their database that was hacked or stolen or exposed? And doesn’t Section 230 of the Communications Decency Act immunize Amazon Web Services and GoDaddy for this type of situation?

And even though the plaintiffs might potentially have standing for the emotional distress claims, the complaint does not allege any particularized concrete harm or imminent harm. The complaint asserts that information on all three plaintiffs was in the data dump, but is silent on the nature of the information for each plaintiff. It then claims:

Like most users, Plaintiffs have suffered damages, including severe emotion distress, due to the ability of Plaintiffs’ spouses, children, family members, community connections, business associates, and the public at large to identify Plaintiffs as Users of of Ashley Madison. By this action, Plaintiffs seek compensatory damages in an amount to be proven at trial, but not less than three million dollars ($3,000,000).

So they’re not claiming that others have already identified them through these sites or that they have experienced any consequences at all of such identification.  This seems to be about what might happen and the worry customers have about what might happen. Is this enough to survive a challenge to standing? I wouldn’t think so, but then, I am not a lawyer.

There’s a lot about this complaint that puzzles me, and I will be watching for updates.

Great thanks to Alexander J. Martin  for providing this site with a copy of the complaint.

 

 

Related posts:

  • FTC Takes Action Against GoDaddy for Alleged Lax Data Security for Its Website Hosting Services
  • GoDaddy cold-hearted phishing exercise got employees’ hopes up — only to dash them
Category: Business Sector

Post navigation

← Heritage Foundation wasn’t attacked; they leaked their own data – sources (Update2)
Smart wearables for kids in China found to have security flaws →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • National Health Care Fraud Takedown Results in 324 Defendants Charged in Connection with Over $14.6 Billion in Alleged Fraud
  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.