LinkedIn Sends out Password Reset Emails following Lynda.com Data Breach

Information from 9.5 million Lynda.com accounts has been accessed by a third party attacker, leading to an official statement by LinkedIn. Out of those, 55,000 passwords are thought to be in danger.

 

 

3

    

LinkedIn Sends out Password Reset Emails following Lynda.com Data Breach

Microsoft and Others Partner with LG to Develop Fold-out Smartphone Displays

Microsoft Opens Holiday Super Sale with Big Savings on Surface and Xbox Hardware

Microsoft Adds Improved Conditional Access to New Azure Portal

Microsoft Closing Windows Essentials on January 10

The now Microsoft-owned LinkedIn has admitted to a database breach of its learning arm Lynda.com. According to officials, attackers retrieved learner data of 9.5 million customers.

Out of those users, 55,000 had password information in the database, and have had the credentials reset. LinkedIn salted and hashed the passwords and there was no credit card information.

The LinkedIn Email

Little information is available about the source of the hack and how they managed to find a hole in security. LinkedIn’s email states that it was carried out by an “unauthorized third party.”

Officials also reassured publications they have “taken additional steps” to secure accounts and there’s no evidence that the information is publicly available. Here’s the full email sent to users:

“We recently became aware that an unauthorized third party breached a database that included some of your Lynda .com learning data, such as contact information and courses viewed. We are informing you of this issue out of an abundance of caution.

Please know that we have no evidence that this data included your password. And while we have no evidence that your specific account was accessed or that any data has been made publicly available, we wanted to notify you as a precautionary measure.”

LinkedIn’s quick response means that it’s unlikely hackers will compromise accounts. In addition, password hashing means that it will be harder for the attacker to reveal them anyway.

However, other accounts with the same password are at risk. As the breach included email addresses, an attacker could try the passwords on other services. It’s important that affected users take precautions any other site that uses that password.

In all likelihood, the third-party will sell the email addresses. Lynda users may experience an increase in spam or phishing emails, so it’s worth being extra cautious.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: