"failed to properly safeguard its users’ digitally stored personally identifiable information including email addresses, passwords, and login credentials.” She filed the suit in a United States District Court in a district in Northern California. She wants a trial in front of jury on the grounds of breach ofcontract and negligence. She says that members of the class action suit should include individualsand entities in the United States who have had a LinkedIn account on or before the 6th of June, 2012. The group should include individuals and entities that have signedup for premium accounts. Szpyrka has a premium LinkedIn account and pays $26.95 (approx Rs. 1,513) per month for it. She says that LinkedIn breached their terms of agreement because they promise its users that it protects their users' information using industry standards and technology. While the company had hashed passwords, they didn't salt the passwords, which made it easier for the hackers to break in. Szpyrka has said that LinkedIn had not encrypted user passwords based on industry standards, which was a breach of agreement. The suit also mentions the fact that LinkedIn washacked with a SQL injection, a method of hacking that has been used for a long time. Thisattack is done via a website where hackers will eventually get to the database of information. The suit cites National Institute of Standards and Technology checklists as a common tool to avoid such SQL attacks. Furthermore, thesuit claims that LinkedIn had not publicized the attacks, which only came to be known when third parties started reportingit. It claims that LinkedIn only later admitted that they weren't handling user data in accordance to the best practices. The suit claims that the damages are in excess of $5 million. Furthermore, LinkedIn users who share their account passwords with other accounts are recommended to change passwords of their otheraccounts.
Wednesday, June 20, 2012
LinkedIn sued for $5 million in class action suit
"failed to properly safeguard its users’ digitally stored personally identifiable information including email addresses, passwords, and login credentials.” She filed the suit in a United States District Court in a district in Northern California. She wants a trial in front of jury on the grounds of breach ofcontract and negligence. She says that members of the class action suit should include individualsand entities in the United States who have had a LinkedIn account on or before the 6th of June, 2012. The group should include individuals and entities that have signedup for premium accounts. Szpyrka has a premium LinkedIn account and pays $26.95 (approx Rs. 1,513) per month for it. She says that LinkedIn breached their terms of agreement because they promise its users that it protects their users' information using industry standards and technology. While the company had hashed passwords, they didn't salt the passwords, which made it easier for the hackers to break in. Szpyrka has said that LinkedIn had not encrypted user passwords based on industry standards, which was a breach of agreement. The suit also mentions the fact that LinkedIn washacked with a SQL injection, a method of hacking that has been used for a long time. Thisattack is done via a website where hackers will eventually get to the database of information. The suit cites National Institute of Standards and Technology checklists as a common tool to avoid such SQL attacks. Furthermore, thesuit claims that LinkedIn had not publicized the attacks, which only came to be known when third parties started reportingit. It claims that LinkedIn only later admitted that they weren't handling user data in accordance to the best practices. The suit claims that the damages are in excess of $5 million. Furthermore, LinkedIn users who share their account passwords with other accounts are recommended to change passwords of their otheraccounts.
Tags :
Latest News
Subscribe to:
Post Comments (Atom)
