Up to 800,000 LinkedIn premium service subscribers may be compensated after the company has agreed to settle a class-action lawsuit that alleges the it did not have proper security measures in place following its 2012 data breach.
In June 2012, someone on a Russian online forum dumped a file containing 6.4 million LinkedIn passwords that were compromised. The passwords were encrypted using the SHA-1 algorithm, an outdated cryptographic hash function created by the NSA.
Following the breach, a class-action lawsuit was brought on by plaintiff Khalilah Wright, a paid subscriber who argued that if she had known of the company's “lax security practices” she would have viewed them as “less valuable.”
According to the settlement, the 800,000 paid users between March 15, 2006 and June 6, 2012 are eligible to make a claim on the $1.25 million settlement fund.