The potentially life-destroying hack of infidelity website Ashley Madison may take down its parent company due to a class-action lawsuit.

A man identified as John Doe has filed a lawsuit against Ashley Madison and its parent company at a federal court in California, claiming that he suffered emotional distress due to inadequate protection of clients’ personal and financial information, writes Abhimanyu Ghoshal for TNW.

Class-Action Lawsuit Filed Against Ashley Madison

Website promoting infidelity hacked, user information published online

While it is certainly possible that evidence of your desire to have extramarital affairs would cause emotional distress, the man could end up being the downfall of the company. The lawsuit seeks class-action status, and accuses Ashley Madison and parent company Avid Life Media Inc of negligence and invasion of privacy.

The suit seeks as yet unspecified damages, and was filed in U.S. District Court in Los Angeles. A group of hackers known as the Impact Team stole “highly-sensitive personal, financial and identifying information of the website’s some 37 million users,” reads the lawsuit.

Impact Team told Ashley Madison that it would release user information if the site was not shut down, and in August it did just that. Reams of stolen information were published online, and while it is impossible to know the rules of every user’s relationship, it is fair to assume that a large number would not have wanted the fact that they are using the service to be made public.

Lawsuits filed in California and Canada

Among those affected by the data dump were U.S. government officials, UK civil servants and executives at corporations from the U.S. and Europe. According to the lawsuit, the data would not have been leaked if Ashley Madison had taken “necessary and reasonable precautions to protect its users’ information, by, for example, encrypting the data.”

Not only was “extremely personal and embarrassing information… accessible to the public,” the breach meant that addresses, phone numbers and credit card information was published online. All of this information can be used by scammers to perform identity fraud.

A class-action lawsuit has also been filed in Canada, seeking around $760 million in damages. The information is searchable online and it seems likely that a number of scandals will ensue.