The financial impact of hacking attacks and security breaches continues, with LinkedIn coughing up cash to settle a lawsuit.

The business-oriented social network has paid $1.25m (£810,000) to settle the legal claim filed just after the theft of millions of passwords in the summer of 2012.

Massive Theft

It was in early June 2012 when LinkedIn first became aware of reports that almost 6.5 million passwords for the social networking site had been stolen and published online.

A Russian hacker had acquired password hashes, cracked many of them and posted them on a Russian website, in a move that potentially left millions of LinkedIn users vulnerable to account hijacking and personal data theft.

Following the breach, LinkedIn announced “a long-planned transition” to a password database system that both hashes and salts the passwords, to provide a double-layer of security.

Following the breach, the social network apologised and enlisted the help of the FBI in the matter, but that did not stop a class action lawsuit led by plaintiff Katie Szpyrka, who alleged that LinkedIn failed to properly safeguard users’ personally identifiable information, and violated its own user agreement and privacy policy by not using “long-standing industry standard protocols and technology.”

LinkedIn however consistently refuted the lawsuit, and indeed claimed it was inspired by lawyers wanting to exploit the situation. It confirmed that the password theft had cost the company between $500,000 (£322,705) and $1m (£645,000).

But now LinkedIn has agreed to settle the lawsuit and the $1.25m (£810,000) cash settlement will be shared among LinkedIn’s American users. And only those who paid to use the site between 15 March 2006 and 7 June 2012 are eligible, and the maximum each person can receive is $50 (£32).

To claim, qualifying LinkedIn users have to go to this website in order to get their compensation. Users have until May 2 to file their claim, and if they don’t file a claim, they will receive no compensation.

LinkedIn Win?

LinkedIn was keen to stress on the website that the “Court has not decided whether the Plaintiff or the Defendant should win this case. Instead, both sides agreed to a settlement.”

And with a settlement figure of just $50 for each qualifying user, plus the fact that it is now up to the court to determine the proper amount of any attorneys’ fees, some may feel that LinkedIn may have come out on top of the lawsuit, despite the damage the theft did to LinkedIn’s security credentials.

And that 2012 password theft was not the first time that LinkedIn has faced issues over its passwords.

In late 2010, Yahoo, Twitter and LinkedIn all asked their users to change their passwords, after a data breach at online publisher Gawker Media resulted in about 200,000 login details being compromised.

Are you a security guru? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

TikTok ‘Halts E-Commerce Expansion Plans’

TikTok reportedly scraps plans to expand TikTok Shop livestream commerce in Europe and US after…

2 hours ago

European Parliament Passes Landmark Tech Regulations

European Parliament votes to adopt Digital Markets Act and Digital Services Act, but campaigners warn…

3 hours ago

Indian Economic Police Raid Offices Of Smartphone Maker Vivo

Indian economic crime agency Enforcement Directorate raids dozens of locations across India belonging to China's…

4 hours ago

French Music Service Deezer Slumps On Market Debut

Spotify and Apple Music competitor Deezer falls below opening price after long-delayed IPO in Paris…

5 hours ago

Foxconn Expects Stronger Sales In Spite Of Economic Gloom

iPhone manufacturer Foxconn revises full-year expectations upward amidst strong consumer and data centre demand, bucking…

6 hours ago

Samsung ‘To See Profits Jump’ On Data Centre Demand

Industry analysts expect Samsung's profits to jump 15 percent for the second quarter as strong…

7 hours ago