A putative class action against LinkedIn that follows a computer attack that made public millions of users’ passwords, has been pared down. The case will proceed with a focus on allegations that the professional networking site misrepresented the strength of its security protections.
Judge Edward Davila refused on March 28 to dismiss the case—In Re: LinkedIn User Privacy Litigation in U.S. District Court for the Northern District of California. Read the court’s order here.
Instead, Davila trimmed away two claims made by plaintiff Khalilah Gilmore-Wright. The judge preserved her contention that she would not have paid for a LinkedIn premium account if she had known the company’s security was below industry standards.
The suit stems from a 2012 security breach in which hackers obtained and posted 6.5 million passwords online. Three days after the hack was discovered, LinkedIn said in a statement that it had switched its password encryption method to a more advanced one.
The judge ordered the parties to appear at a case management conference on June 6—exactly two years after the hackers broke into LinkedIn.
Plaintiffs attorneys include Jay Edelson, Rafey Balabanian, Ari Scharg and Christopher Dore, Edelson LLC, Chicago, and Laurence King and Linda Fog, Kaplan Fox & Kilsheimer LLC, San Francisco.
Lisa Hoffman is a contributing writer for The National Law Journal.