Blog Post

LinkedIn sued over hacking incident that exposed six million passwords

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

LinkedIn (s lnkd) will get to connect with a federal judge after an embarrassing security breach in early June. The social network for professionals has been hit with a class action seeking at least $5 million over an incident that exposed millions of user passwords.

A complaint filed in San Jose cites a “troubling lack of security measures” and accuses LinkedIn of negligence and breach of contract for failing to encrypt its user database with industry standard security measures. The incident resulted in hackers posting users’ information online but it is not yet clear how much data they obtained.

The lead plaintiff in the case is Katie Szpryka who paid for an upgraded account with the social network. The lawsuit, which also covers a separate class of users with free accounts, adds that LinkedIn breached California consumer protection laws. It cites a FTC complaint from 2003 in which the federal regulator accused the Guess! clothing company of unfair trade practices for storing customer information in an unencrypted database with poor security.

The case is likely to turn on whether LinkedIn did enough to protect its users accounts and whether it did enough to notify users of the hacking incident. The breach was first reported by a Norwegian security firm and then publicized by numerous technology sites but LinkedIn appears to have dithered for more than twelve hours before telling users that data had been compromised.

Critics claim LinkedIn should have used a common practice known as “salting” to make the passwords harder to decrypt.

The LinkedIn case is just the latest in a parade of class actions in which technology companies stand accused of violating user privacy. As we reported yesterday in regard to the latest $10 million Facebook settlement, money from the lawsuits rarely goes to users.

The complaint is below. It was first reported by CourtHouse news service.

Linkedin Class Action

Photo courtesy of Shutterstock user [Blazej Lyjak].

2 Responses to “LinkedIn sued over hacking incident that exposed six million passwords”

  1. Baxter Lee DeBerry

    yay i expect somethin for my pass and all my info for being stolen…… sheeze im upset that not only that my account on their was stolen but also other sites.. best thing to do is to change passwords.. im not sure i see anything wrong that linkedin did, but if it comes to it o well ill be waiting for somethin maybe like a dollar

  2. Good they are sued. These password leaks are getting old and should be stopped, especially since it’s so easy to do so. Though, I agree with the article in it’s shaded statement that only lawyers gain from such suits, and not end users.