LinkedIn Faces Class Action Suit in Breach

Source: Source: UPI | Published on June 20, 2012

Data Breach - LinkedInU.S. business networking site LinkedIn says a $5 million class-action lawsuit that alleges it failed to protect its members' data is without merit.

The suit comes after a recent security breach in which thousands of passwords stolen by hackers ended up on a site accessible to the public.

Katie Szpyrka, a registered LinkedIn account holder since 2010, filed suit last week in the U.S. District Court in the Northern District of California, claiming LinkedIn violated its own privacy policies and user agreements by not following industry security standards.

In the suit, Szpyrka noted LinkedIn's privacy policy promises users all personal information is protected with industry standards and technology and said LinkedIn should have "salted" the passwords.

Salting is an encryption technique that provides an added layer of security to data.

LinkedIn has admitted not salting the passwords before storing them but said it is using the technique now.

However, the allegations in Szpyrka's suit are "without merit," LinkedIn spokeswoman Erin O'Harra said.

"No member account has been breached as a result of the incident, and we have no reason to believe that any LinkedIn member has been injured," O'Harra wrote in an e-mail to CNET.com.

"Therefore, it appears that these threats are driven by lawyers looking to take advantage of the situation."