Facebook and MySpace app maker and advertising network RockYou isn’t having a great December. Earlier this month, 32 million passwords were compromisedby a hacker going by the alias of “igigi.” That’s more than half of RockYou’s monthly active users.
The password attack, carried out through an SQL injection and the passwords stolen from an unencrypted plain text document (a big no-no), has been a black eye for the social application company. Its troubles aren’t over though, as a man from Indiana has filed a lawsuit against RockYou, one that has the potential to become a class action affair.
According to Wired, the lawsuit (which you’ll find embedded below) accuses the company of “failing to secure and safeguard its users’ sensitive personally identifiable information, including e-mail addresses and passwords.” The 27 page document goes on to explain how RockYou failed to protect its users or notify them of the data breach, thus recklessly endangering the information of its users.
The suit seeks class action status (meaning any of the other people affected by the data breach could join the lawsuit). In addition, it seeks unspecified damages and requires RockYou to better protect its data. It was filed by Alan Claridge of Evansville, Indiana in the Northern District of California, where RockYou is headquartered.
RockYou’s most popular apps include Super Pets!, Birthday Cards, Hug Me, Pieces of Flair, and SuperWall.