LinkedIn user launches class action over password leak
A woman whose LinkedIn password was one of six million leaked online by a hacker earlier this month is suing the professional networking site for $5 million US, Reuters reported Thursday.
The news agency said lawyers for Katie Szpyrka of Illinois filed a motion in U.S. federal court in San Jose, Calif., to have a class-action suit certified against LinkedIn Corp.
They allege the company, based in Mountain View, Calif., deceived customers by not adhering to industry standards when it came to securing its user database.
The company's popular website, where professionals post resumes and personal profiles in order to network with colleagues and potential employers, was one of several targeted by a Russian hacker who posted lists of encrypted passwords to an online message board.
About eight million passwords belonging to users of LinkedIn, the music streaming site Last.fm and the online dating site eHarmony were posted to a discussion forum on the site InsidePro.com devoted to cracking passwords. LinkedIn was the most affected, with about 6.5 million of its users' passwords released.
The passwords were posted in a hashed, or encrypted, format and did not include user names, and LinkedIn told Reuters on Thursday that users' accounts were not breached as a result of the leak.
The company disabled the passwords automatically once the leak came to light and says users were not harmed by the breach.
News of the LinkedIn lawsuit follows a similar case involving Zappos, an online shoe retailer owned by Amazon.com that is being sued over the hacking of account information affecting 24 million of its customers.
A judicial panel in Nevada, where Zappos is based, last week consolidated nine separate class-action suits against the company and ordered them to be heard by the Nevada district court.