$5 Million Lawsuit: LinkedIn taken to court over 6 million stolen passwords
June 22, 2012 (TSR) – A LinkedIn user has filed a $5 million lawsuit against the social network highlighting the corporation’s negligence in security issues that led to a massive password leak.
The case was brought to court by Illinois resident Katie Szpyrka, who claimed that LinkedIn had deceived customers by having a security policy “in clear contradiction of accepted industry standards for database security.”
The suit came two weeks after more than six million customer passwords stolen from the LinkedIn database were published on a Russian hacker website. The leak outraged users around the world, having endangered not only their personal, but also their professional data and valuable business contacts.
LinkedIn representatives say the lawsuit was actually driven by lawyers hoping to profit from the situation.
“No member account has been breached as a result of the incident, and we have no reason to believe that any LinkedIn member has been injured,” LinkedIn spokeswoman Erin O’Harra told Reuters.
Legal specialists point out that Szpyrka will first have to prove there was actual harm done to her by the leak. Since the leak was limited to passwords, not email addresses, the success of the lawsuit is doubtful.
LinkedIn is an employment and professional networking site with more than 160 million users in more than 200 countries and territories. The site is available in English, French, German, Italian, Portuguese, Spanish, Dutch, Swedish, Romanian, Russian, Turkish, Japanese, Czech and Polish.
The site has already experienced a major security flaws. Israeli security researchers recently found out that the network’s new iOS mobile application was transmitting to the main server all user calendar entries. Those include details about meeting locations, participants, dial-in information, passwords and sensitive meeting notes.