'
ProgramBusiness
 
  


  1. News Articles
  2. Related News Articles
  3. Comments
News Article Details

LinkedIn Sued for $5 Million for Security Breach

Source: LA Times


Posted on 22 Jun 2012 by Neilson

Facebook LinkedIn Twitter Google

LinkedIn Security BreachAfter being attacked by a hacker who stole 6.5 million of its passwords, LinkedIn is now being sued by one of its users for $5 million.

The lawsuit was filed on Friday in U.S. District Court in Northern California by an Illinois woman named Katie Szpyrka who in the lawsuit says LinkedIn failed to safeguard its users passwords.

The lawsuit, which seeks class-action status, says LinkedIn did not meet its privacy policy, which states that the business social network protects its 160-million users' information with industry-standard protocols and technology.

But the lawsuit says the passwords stolen by LinkedIn were only protected by hashes -- a form of password security -- and weren't also salted -- which is another form of password security typically used on top of hashing.

"Industry standards require at least the additional process of adding 'salt' to a password before running it through a hashing function," the lawsuit claims according to eWeek. "This procedure drastically increases the difficult of deciphering the resulting encrypted password."

Erin O'Harra, a spokeswoman for LinkedIn, said the company has not found that any of its users' accounts were actually breached as a result of the attack.

"Therefore, it appears that these threats are driven by lawyers looking to take advantage of the situation," O'Harra said in an email statement. "We believe these claims are without merit, and we will defend the company vigorously against suits trying to leverage third-party criminal behavior."

The suit was filed about a week and half after LinkedIn confirmed the attack. The company on June 6 began looking into reports that a hacker had dumped a list containing 6.5 million of its users' passwords and later confirmed that they had in fact been stolen.

LinkedIn had to force its affected users as well as some other users they suspected may have also been compromised to change their passwords.

Following the attack, LinkedIn announced that it would now be salting its passwords.


Comments

Post a Comment
If you are a Storefront / Tradingfloor user, click here to login.
Note: As a guest user, please fill out the form below to post a comment.
Post your comments here.
Name :
Email Address :
Captcha :
Comments :
Character left : 2000