55,000 users have had their passwords reset after someone gained access to a database containing user information
LinkedIn’s online learning subsidiary Lynda.com notified 9.5 million users of a data breach over the weekend, with the leak including contact information and details about courses viewed.
The company emailed all of its users “out of an abundance of caution,” after an unauthorised party gained access to a database holding user information, despite the vast majority not having any password details affected.
However, it is believed that around 55,000 users also had their passwords stolen, so Lynda.com has reset the passwords of those affected and notified them. Speaking to VentureBeat, a spokesman said the passwords were “cryptographically salted and hashed” and no credit card information was included.
Lynda.com published a statement on the LinkedIn blog yesterday saying: “You may have received an email notification from Lynda.com explaining that we recently became aware that an unauthorised third party accessed a database that included some Lynda.com learning data, such as contact information and courses viewed. We are informing users out of an abundance of caution. We have no evidence that any data has been made publicly available.”
The company also assured users that it is “taking this issue very seriously and working with law enforcement” which, although admirable, won’t do much to appease a general public that has been bombarded with data breach notices in 2016.
LinkedIn purchased Lynda.com for $1.5 billion in 2015 as part of its plan to launch an online learning platform, before being acquired itself by Microsoft earlier this year for $26.2 billion (£18.5bn).
LinkedIn actually suffered a data breach of its own earlier this year when the account details of around 117 million users were put up for sale online, including those of Facebook CEO Mark Zuckerberg. It has also recently been blocked in Russia for breaching the country’s data protection regulations.