A few years ago, LinkedIn screwed up big-time, and millions of user passwords got leaked. And now LinkedIn is prepared to pay each eligible screwed-over person a truly tiny settlement in one of the most arrogant and insulting settlements for digital duncery yet.
In 2012, around 6.5 million LinkedIn user’s passwords were leaked by Russian hackers. People looking to hobnob online for their jobs ended up vulnerable to having everyone in the world know they logged into a professional networking social media service with the password squirter.
Because LinkedIn failed to adequately protect its data, passwords like these got published:
buttcrack
swampass
bigtits
methmouth
bukkake
Now, finally, after a class-action lawsuit, LinkedIn has been ordered to compensate its humiliated users… by humiliating them further with a pathetic pittance settlement of around $US1 for the 800,000 outed Premium Users who joined the lawsuit.
Although it admitted to the hack and advised users to change their passwords, the company still denies any wrongdoing. A spokesperson told the New York Times that LinkedIn settled “to avoid the distraction and expense of ongoing litigation.”
LinkedIn has agreed to salt and hash its passwords for five years after the settlement, so it will be less likely for the same leak to happen again, even though they never should have happened in the first place.
The paltry payout amount per person highlights how contrite the company is: One measly dollar’s worth.
Getting a settlement that small is almost more insulting than getting no settlement at all. A month of LinkedIn Premium costs $US30, so this payout is the equivalent of one more day using the service.
To receive the settlement, people have to apply, so even if they went through the rigamarole of the suit, they will only get their money if they go through the rigamarole of applying to receive it. Now, since the $US1.25 million overall settlement shakes down to the cost of Angry Birds if everyone applies, that will probably dissuade people from applying, which means the people who do may end up getting up to $US50.
The only way some people who got screwed over by LinkedIn will get a slightly inoffensive settlement is if others are so disheartened by it that they don’t bother asking for anything.
Look, this hack didn’t result, as far as we know, in anyone actually missing out on a job or getting publicly outed as the person who signs into a career-focused networking account each day by typing the word “bukkake”.
But LinkedIn still doesn’t understand how its utterly incompetent password-protection breached the trust of its users in a way that deserves both a genuine apology and an offering of more than a buck. And that’s not a very professional look.
[Ars Technica via New York Times]