LinkedIn hits back at US data breach lawsuit claims

News
By published

Data breach victim dismisses suit as "lawyer-driven" and "without merit".

Linkedin logo

LinkedIn has dismissed a lawsuit filed by a disgruntled user in the wake of its recent data breach, accusing the firm of failing to keep information about its members safe. Earlier this month it emerged that the passwords of nearly 6.5 million of the social networking site's users were posted in a Russian web forum.If LinkedIn used appropriate encryption methods, the stolen information would be useless, as it would be indecipherable.On Monday, one of the site's members, Katie Szpyrka, filed a $5million class action complaint against the site with the United States District Court in the Northern District of California.

It claimed LinkedIn had failed to safeguard users' "digitally stored personally identifiable information(PII)" and violated its own user agreement and privacy policy by not using "industry standard protocols and technology".

"LinkedIn promises its users that "[a]ll information that [they] provide [to Linkedin] will be protected with industry standards protocols and technology," the document states.

"In direct contradiction to this promise, LinkedIn failed to comply with basic industry standards by maintaining millions of users' PII in its servers' databases in a weak encryption format and without implementing other crucial security measures."

The "weak encryption format" the lawsuit refers to is LinkedIn's decision to store user passwords in a hashed unsalted SHA1 format.

The lawsuit also claims the site was breached using an SQL injection attack, which is described as "a common hacking method" that should be relatively easy to evade.

"Had LinkedIn used proper encryption methods, and a hacker were able to penetrate LinkedIn's network, he would be limited in his ability to inflict harm," it added

"If LinkedIn used appropriate encryption methods yet failed to secure its database the stolen PII would be useless, as it would be indecipherable."

In a statement to IT Pro, a LinkedIn representative said Szpyrka's case was "without merit" and driven by lawyers looking to capitalise on the site's recent misfortunes.

"No member account has been breached as a result of the [password leak] incident, and we have no reason to believe that any LinkedIn member has been injured," the statement said.

"Therefore, it appears these threats are driven by lawyers looking to take advantage of the situation and we will defend the company vigorously against suits trying to leverage third-party criminal behaviour."

Caroline Donnelly
Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.
Jensen Huang, co-founder and chief executive of Nvidia pictured on stage at Nvidia GTC 2025 holding two GPUs.

Nvidia GTC 2025: Four big announcements you need to know about
The words "How effective are AI agents?" set against a dark blue background bearing the silhouettes of flowchart rectangles and diamonds to represent the computation and decisions made by AI agents. The words "AI agents" are yellow, while the others are white. The ITPro Podcast logo is in the bottom right-hand corner.

How effective are AI agents?
An illustration showing a mouth with speech bubbles and question marks and a stylized robot alien representing an AI assistant chirping away with symbols and ticks, to represent user annoyance with AI assistants.

On-device AI assistants are meant to be helpful – why do I find them so annoying?
See more latest
Most Popular
Jensen Huang, co-founder and chief executive of Nvidia pictured on stage at Nvidia GTC 2025 holding two GPUs.
Nvidia GTC 2025: Four big announcements you need to know about
Businessman hand pointing finger to growth success finance business chart of metaverse technology financial graph investment diagram on analysis stock market background with digital economy exchange.
Global security spending continues to rise
Women in tech concept image showing female tech worker sitting at desk working on desktop computer.
Imposter syndrome is pushing women out of tech
Jensen Huang, co-founder and chief executive officer of Nvidia, pictured during a news conference at the Nvidia GPU Technology Conference (GTC) in San Jose, California, US.
‘This is the first event in history where a company CEO invites all of the guests to explain why he was wrong’: Jensen Huang changes his tune on quantum computing after January stock shock
ServiceNow signage pictured during the Singapore FinTech Festival in Singapore, on Wednesday, Nov. 15, 2023.
Old ServiceNow vulnerabilities could cause havoc for unpatched customers
Soft skills concept image showing informal staff meeting in an open plan office environment with workers having a discussion.
AI skills training can't be left in the hands of big tech
Oracle CloudWorld Tour sign pictured at the company event in London, UK.
AI agent announcements are a dime a dozen right now – here’s what Oracle thinks it’s doing differently
Close-up shot of data centers servers in red, black, and light blue colors.
Server sales are skyrocketing – and growth shows no sign of slowing down
SonicWall logo and branding pictured on a smartphone screen.
SonicWall pins ‘transformational year’ on strong partner growth
Antonio Neri, chief executive officer of Hewlett Packard Enterprise Co. (HPE), bottom left, and Jensen Huang, co-founder and chief executive officer of Nvidia Corp., during a keynote address at the HPE Discover event at the Sphere in Las Vegas, Nevada, US, on Tuesday, June 18, 2024.
HPE unveils Mod Pod AI ‘data center-in-a-box’ at Nvidia GTC