MOUNTAIN VIEW, CA: LinkedIn shared an update with its users on Wednesday about the 2012 data breach still affecting the company and the steps it’s taking to address compromised accounts.
Four years ago, LinkedIn was the victim of a cyber attack that it initially believed affected only 6.5 million passwords. However, it acknowledged this month that not only was the hack many times larger than first believed – 117 million log-in credentials were stolen – but member email addresses, hashed passwords, and internal LinkedIn member IDs from 2012 are being sold on the black market.
LinkedIn said in Wednesday’s email that it took "immediate steps to invalidate the passwords of all LinkedIn accounts that we believed might be at risk," which were accounts created prior to the breach in 2012 for which the passwords had not been reset.
"We also felt we had an obligation to send a broader update to all members to ensure they were aware of what had happened and what we are doing to protect them," said Melissa Selcher, VP of corporate communications at LinkedIn, in an emailed statement. "We also wanted to help them understand the role they can play in protecting themselves."
Other security measures taken by LinkedIn include tools that monitor and block suspicious activity, as well as notifying law-enforcement authorities. The network is also employing security measures such as salted hashes and giving users the option of two-step verification.
In addition to emailing users, LinkedIn published a blog post last week on the data breach and updated it twice as more information became available. Selcher said via email the blog was translated into six languages and "the transparency has been very well received."
"We are managing this within our communications team — we have the expertise and haven't needed outside PR counsel," Selcher said. "We are implementing a follow-the-sun model which ensures we have communications teams and leaders on point at every hour of the day, in all regions around the world."