OUCH! LinkedIn SLAPPED With This Lawsuit

LinkedIn’s (NYSE:LNKD) recent password security breach has landed it in the court after a user filed a $5 million class-action lawsuit against the social network. The complaint, filed in a San Jose federal court, accuses LinkedIn of negligence and breach of contract for failing to encrypt its user database, and alleges the network has a “troubling lack of security measures.”

Don’t Miss: Facebook Gives App Developers a BIG New Incentive.

The breach, which took place earlier this month, saw a group of hackers post encrypted passwords of almost 6.5 million users on an online forum and ask the community to crack them. The breach was first reported by a Norwegian security firm, but LinkedIn waited for several hours before confirming it.

Plaintiff Katie Szpryka, a registered LinkedIn account holder since 2010, said she paid for an upgraded account with the social network, but the suit also includes a separate class of users with free accounts. Szpryka’s petition alleges that LinkedIn breached California consumer protection laws and cites a FTC complaint from 2003 in which the Guess (NYSE:GES) clothing brand was accused of unfair trade practices for storing customer information in an unencrypted database.

Szpyrka, who pays $26.95 per month for a premium account, said LinkedIn’s privacy policy promises that all user information will be protected with industry standards and technology. However, the suit adds, LinkedIn relied on an outmoded hashing format to store passwords and did not adhere to the provisions of the U.S. National Institute of Standards and Technology. The suit also claims the company later admitted it “was not handling user data in accordance with best practices.”

A class-action suit against Facebook (NASDAQ:FB) was settled earlier this week after the social network decided to pay $10 million to charity.

Don’t Miss: Who’s CONQUERING the Online Video Space?