Earlier this month, we wrote about LinkedIn’s password hashes that have been reportedly posted on a hacking forum in Russia. Now it appears that the giant social network for professionals will be facing the federal court for the mishap. A class action lawsuit has been filed by a premium-paying LinkedIn customer Katie Szpryka who said that the company did not do enough to safeguard its users’ digitally stored personal information, including email addresses, passwords, and login credentials. The complaint was filed in San Jose where Szpryka accused LinkedIn of failing to use industry-standard protocols to protect the information.
Now, she’s asking over $5 million in return for the damages. Over 6.5 million LinkedIn hashed passwords were posted online on June 6. Albeit the company admitted that it was not handling user data in accordance with best practices, Szpryka, a LinkedIn user since 2010, said that it was “too little too late”. LinkedIn failed to use a modern hashing and salting function, and therefore drastically exacerbated the consequences of a hacker by bypassing its outer layer of security. Had LinkedIn used proper encryption methods, and a hacker were able to penetrate LinkedIn’s network, he would be limited in his ability to inflict harm,” the complaint states.