Following the discovery that its mobile app for iOS devices is sending potentially confidential information to the company servers without the users' knowledge, the leak of 6.5 million of its users' passwords, and the poor job they made at keeping users informed about the situation and the likely consequences, the company has been hit with a class action lawsuit.
The leader is Illinois resident Katie Szpyrka, who has been a LinkedIn customer since 2010, and has been paying $26 a month for a premium account.
"That LinkedIn did not recognize its databases had been compromised until it was informed through public channels provides further evidence that the company didn't adhere to industry standards. Specifically, LinkedIn did not implement, or it poorly implemented, an intrusion detection system to properly identify and quickly respond to attacks on its servers."
Szpyrka also claims that the professional social network failed to warn the users about the breach adequately and in time. When the warning emails were finally sent, half a million of them either never reached the users, as they were flagged by anti-spam filters, or were ignored by the users themselves as there were no obvious signs that the emails were legitimate.
According to ThreatPost, LinkedIn spokeswoman Erin O'Harra said the lawsuit is "without merit", pointed out that no member account has been breached as a result of the incident, and that the company will defend itself "vigorously".
Szpyrka is asking for $5 million or more in damages.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.