Lawsuit seeks back pay and additional damages, charges Microsoft with unlawful discrimination Credit: Blair Hanley Frank Last week, Katie Moussouris, a noted security researcher and the woman who was instrumental in developing Microsoft’s bug bounty program – a task that led her to become one of the Web’s foremost experts on disclosure and vulnerability policy – filed a gender discrimination class action lawsuit against her former employer.The complaint alleges that over the years Microsoft has engaged in “systemic and pervasive discrimination against female employees in technical and engineering roles with respect to performance evaluations, pay, promotions, and other terms and conditions of employment.”Microsoft, in statements to the media, said they’re committed to a diverse workforce, one where all employees have the chance to succeed. The statement goes on to say that they’ve “previously reviewed the plaintiff’s allegations about her specific experience” and found nothing that support’s the lawsuit’s complaints.The core of the lawsuit addresses a practice of stack ranking, a policy that was dropped in 2013. From the complaint:“[F]or many years and continuing through 2013, Microsoft used a companywide “stack ranking” system for evaluating employee performance, which force ranked employees from best to worst using a performance rating from 1 through 5, with 1 being best, and 5 being worst. Only 20% of employees could receive a 1, 20% a 2, 40% a 3, 13% a 4, and the remaining 7% received a 5. This stack ranking process systematically undervalued female technical employees compared to similarly situated male employees because, among other reasons, it meant that lower ranked employees were inferior and should be paid less and promoted less frequently regardless of their actual contributions to Microsoft.”The ranking took place twice a year. The mid-year stack assignments were used as a means to determine mid-year promotions, and the end of year stacking was used for compensation and year-end promotions. This stacking, the complaint continues, led to a system where “female technical employees receive less compensation and are promoted less frequently than their male counterparts.”“Microsoft company-wide policies and practices systematically violate female technical employees’ rights and result in the unchecked gender bias that pervades its corporate culture.”Other than the blanket statement given to the media, Microsoft has issued no further comments. A copy of the filing itself is available online. Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe