Under Review: 
No Review
Date Breach Made Public: 
June 6, 2012
Mountain View , CA
United States
California US
Records Breached: 

167,000,000 (No SSNs or financial information). Updated as of 5/18/2016


Breach Total Number: 
Year of Breach: 
Type of organization: 
Type of breach: 

A file containing 6,458,020 encrypted passwords was posted online by a group of hackers. It is unclear what other types of information were taken from Linkedin users.  LinkedIn recommends that users change their passwords.

UPDATE (08/30/2012): Four potential class actions against LinkedInCorp. were consolidated.  The consolidated suits allege that LinkedIn violated its user agreement and privacy policy by failing to properly safeguard digitally stored user data. LinkedIn is also accused of not publicizing the attack in a timely manner.

UPDATE (03/06/2013): A lawsuit that was filed in a federal court in San Jose, California in 2012 was dismissed.  The lawsuit was based on negligence claims, California consumer protection statutes, and breach of contract. The judge dismissed the lawsuit because the plaintiffs failed to demonstrate that any alleged misrepresentation by Linkedin was connected to the harm the plaintiffs suffered.

UPDATE (06/17/2013): A second class-action lawsuit against LinkedIn is in the making.  Linkedin is accused of of failing to use basic encryption techniques to secure personally identifiable information.  LinkedIn is trying to stop the second lawsuit form proceeding in federal court because the lead plaintiff has been able to show that she suffered an injury.

UPDATE (05/23/2016): Cory Scott, LinkeIn's Chief Information Security Officer posted that the company was notified of additional emails and passwords compromised of more then 100 million members.

More Information: