LinkedIn is to be sued for $5 million (£3.2 million) after the hacking incident last week that saw 6.5 million password hashes leaked.
The plaintiff, Chicago resident Katie Szpyrka, has filed a class action lawsuit for: breach of contract; breach of the implied covenant of good faith and fair dealing; breach of implied contracts; and negligence.
The filing also claims that while some security threats are unavoidable, LinkedIn's failure to comply with industry standards also jeopardised users' personal information – as guaranteed by its own contractual terms.
Paragraph 24 says that if LinkedIn had user encryption methods, a hacker would be limited in their ability to inflict harm. LinkedIn added a system that salts and hashes passwords to provide an extra layer of protection.
Szpyrka joined LinkedIn in 2010 and had a premium account.
LinkedIn posted the following statement: "We have recently learned that a class action lawsuit has been filed against the company related to the theft of hashed LinkedIn member passwords that were published on an unauthorised website.
“No member account has been breached as a result of the incident, and we have no reason to believe that any LinkedIn member has been injured. Therefore, it appears that these threats are driven by lawyers looking to take advantage of the situation. We believe these claims are without merit, and we will defend the company vigorously against suits trying to leverage third-party criminal behaviour."