LinkedIn to pay £750,000 in security breach settlement

In a landmark court settlement, social networking service, LinkedIn, has agreed to pay just over £750,000 to resolve a class-action lawsuit spurred by a major data breach two years ago. Deemed the result of the company's “obsolete” security measures, the 2012 breach accessed and exposed 6.4 million LinkedIn users' personal information, including passwords, via hackers who had successfully infiltrated the servers.

The deal, which comes after several months of negotiations, will see major updates to the LinkedIn privacy policy and security claims policies, and also provides that settlement funds not distributed to class members will be donated to three information security non-profits, the Center for Democracy and Technology, World Privacy Forum and the Carnegie Mellon CyLab Usable Privacy and Security Laborator.

The “extraordinary” results of this case reveal a shift in official court acknowledgment of the potential damage wreaked by the exposure of personal data. 

“By providing significant direct cash to the class and valuable prospective relief,”  lawyers for the claimants commented, “the instant settlement exceeds the majority of privacy settlements that have won preliminary and/or final approval.”