Breach, Data Security, Threat Management

LinkedIn settles in class-action suit related to 2012 breach

Up to 800,000 LinkedIn premium service subscribers may be compensated after the company has agreed to settle a class-action lawsuit that alleges the it did not have proper security measures in place following its 2012 data breach.

In June 2012, someone on a Russian online forum dumped a file containing 6.4 million LinkedIn passwords that were compromised. The passwords were encrypted using the SHA-1 algorithm, an outdated cryptographic hash function created by the NSA.

Following the breach, a class-action lawsuit was brought on by plaintiff Khalilah Wright, a paid subscriber who argued that if she had known of the company's “lax security practices” she would have viewed them as “less valuable.”

According to the settlement, the 800,000 paid users between March 15, 2006 and June 6, 2012 are eligible to make a claim on the $1.25 million settlement fund.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.