Lawsuit alleges corporate negligence over loss of 30 million social networking usernames and passwords

The suit, which was filed by an Indiana man earlier this week, accuses RockYou - a developer of online social networking applications such as SuperWall on Facebook and Slideshow on MySpace - of allowing a hacker to steal usernames and passwords of over 32 million users.

As reported by Infosecurity earlier this month, Rockyou.com is not just any software site. Since its creation in 2006, it has become the hub for many social networking sites such as Bebo, Facebook and MySpace, to mention but a few.

At the time of the hack, Amichai Shulman, CTO of data security specialist Imperva, said the bad news was that the SQL injection flaw - which caused the vulnerability - could have allowed hackers to access the 32 million username and password entries in the Rockyou.com database.

"And since the usernames and passwords are by default the same as the users' webmail account... this is a major lapse in security", he said.

Back in the present, Alan Claridge is reportedly seeking class action status for a lawsuit he filed on Monday in San Francisco.

Claridge said he registered with the RockYou portal last year to use a photo sharing application, and was notified last week that his personal information was compromised, including physical and email address details, as well as credit card information.

The lawsuit accuses RockYou of failing in its responsibility to protect sensitive customer data including email addresses, passwords, and login credentials for social networking sites.

In addition, it accuses RockYou of negligence in storing sensitive data in plaintext.

The lawsuit also alleges that RockYou failed to notify customers of the data loss within a reasonable period, posting a notice on its website only 10-12 days after it was notified.

"Because a majority of internet users utilise identical passwords across a wide range of websites, gaining access to a user's email account name and password has a high likelihood of providing access to a user's personal and/or work email account", the suit notes.

Just for good measure, the lawsuit includes nine counts, including breach of contract, negligence, and violations of California's Computer Crime Law and Security Breach Information Act, among several other allegations.

In connection with this, the suit asks the court to order RockYou to protect customer data under penalty of law, and seeks unspecified damages.

RockYou has not yet responded to the lawsuit.
