My email and sha1'd password were leaked in LinkedIn's 2012 breach. They've, up til now, made no attempt to contact me. There seem to be CA state statutes requiring notification for this type of breach.<p>Has anyone else received notification?<p>Do they get a pass, legally, because unsalted sha1 actually counts as encryption?<p>I deleted my account at LinkedIn shortly after this event originally occurred. I only wish I had done it sooner...