The Low-Down on LinkedIn's Security Breach

If you've been shying away from using LinkedIn because of the security breach which made media headlines this year, here's some info from the horses-mouth (LinkedIn themselves) on what went down:

What Happened?

On May 17 2016, LinkedIn became aware that data stolen from the company in 2012 was being made available online. This was not a new security breach or hack. LinkedIn says it took immediate steps to invalidate the passwords of all LinkedIn accounts that they believed might be at risk. These were accounts created prior to the 2012 breach that had not reset their passwords since that breach.

What Information Was Involved?

Member email addresses, hashed passwords, and LinkedIn member IDs (an internal identifier LinkedIn assigns to each member profile) from 2012.

What LinkedIn Is Doing About It

LinkedIn invalidated passwords of all accounts created prior to the 2012 breach that had not reset their passwords since that breach. In addition, LinkedIn says they are using automated tools to attempt to identify and block any suspicious activity that might occur on LinkedIn accounts. LinkedIn mentions it is also actively engaging with law enforcement authorities.

LinkedIn says it has taken significant steps to strengthen account security since 2012. As an example, they now use salted hashes to store passwords and enable additional account security by offering our members the option to use two-step verification.

What You Can Do

LinkedIn has informed users it has several dedicated teams working to ensure that the information members entrust to LinkedIn remains secure. LinkedIn always suggests that it's members visit LinkedIn's Safety Center to learn about enabling two-step verification, and implementing strong passwords in order to keep their accounts as safe as possible. LinkedIn also recommends that you regularly change your password and if you use the same or similar passwords on other online services, they recommend you set new passwords on those accounts as well.

For More Information

If you have any questions, feel free to contact LinkedIn's Trust & Safety team at tns-help@linkedin.com. To learn more, you can also visit LinkedIn's official blog.