As reported by the San Jose Mercury News, “LinkedIn has settled for $1.25 million a lawsuit that alleges the social network didn’t do enough to protect the passwords and personal information of its paying users. In 2012, hackers stole and published 6.5 million LinkedIn member passwords on a Russian hacker website. The class-action lawsuit, which was filed in federal court, claims that LinkedIn violated its privacy policy and an agreement with subscribers that promised it would keep their passwords and personal information safe.”
Of note is LinkedIn’s decision to settle despite recent decisions, following the Supreme Court’s decision in Clapper, finding that plaintiffs in similar circumstances lacked standing to sue. Followers of cybersecurity law will no doubt be watching closely as to whether Clapper continues to carry the day going forward when it comes to standing in data breach cases.
For more on the settlement and the case, here are more resources:
-
“LinkedIn Will Give You a Whopping $1 for Leaking Your Password” from Gizmodo
-
“LinkedIn Settles Class-Action Suit Over Weak Password Security” from The New York Times (which offers more perspective on why LinkedIn decided to settle this case instead of proceeding with litigation)
