LinkedIn Massive Data Breach Triggers Class-Action Lawsuit

Home > LinkedIn Massive Data Breach Triggers Class-Action Lawsuit

Author: John Duckgeischel on June 20, 2012 - 10:56 PM

LinkedIn has experienced tough going recently. First hackers were able to penetrate LinkedIn’s database which contained over six million passwords, then the passwords were were posted online. Secondly a potential class-action lawsuit was filed which said that LinkedIn has failed to meet “industry standard” security levels, after experienced a massive data breach in early June. The lawsuit was filed for a premium services subscriber from Illinois, Katie Szpryrka. The litigation seeks class-action certification status for the lawsuit for all LinkedIn users. Although the LinkedIn passwords were “hashed” as part of the encryption process, they did not “salt” the passwords by mixing in random characters as many other websites do. Since this incident occured LinkedIn has begun the practice of salting passwords.

Although LinkedIn claimed to use standard protocols to protect user information, the suit alleges that LinkedIn was negligent by not utilizing "long standing industry standard encryption protocols". LinkedIn claims that the suit does not have merit and that it will “vigorously” defend itself in court. “No member account has been breached as a result of the incident, and we have no reason to believe that any LinkedIn member has been injured. Therefore, it appears that these threats are driven by lawyers looking to take advantage of the situation," LinkedIn spokeswoman Erin O'Harra stated in an email.

add to: