The security of social networks is once again in the spotlight. eSecurityPlanet reports on a suit against RockYou a provider of widgets for social networking sites including Facebook and MySpace.
An Indiana man has filed a class action lawsuit against RockYou, alleging it failed to protect the personal data of more than 32 million customers.
On Dec. 16, Indiana resident Alan Claridge received an e-mail from RockYou, a developer of widgets and applications designed for social networking sites, such as Facebook and MySpace, warning him that his personal information — along with some 32 million other users — may have been hacked because the company failed to properly secure a key customer database.
Claridge responded to the security breach — which RockYou discovered itself just a couple weeks before sending out the foreboding e-mail—by filing a class action lawsuit on the behalf of himself and more than 32 million other people who either have or will soon be receiving the bad news in their inbox.
Michael Aschenbrener, the lead attorney for KamberEdelson LLC, the law firm handling the suit, claims that RockYou inexplicably failed to encrypt a database containing customers’ e-mail accounts, passwords, and login credentials for a variety of social networking sites. Instead, the lawsuit contends, RockYou kept all this critical data stored in plaintext files that were easily accessed by hackers for an unknown period of time.