LinkedIn Apologises For Password Breach

Social network LinkedIn has provided more information on a security breach that affected roughly 6.5 million user passwords

In the wake of a massive security breach on the business networking site LinkedIn, which resulted in the leaking of roughly 6.5 million user passwords and their subsequently published on an unauthorised website, the company has issued a blog post to answer some of the most frequently asked questions about the breach.

The company has also enlisted the help of the FBI for an investigation into the breach.

Investigation is ongoing

“We want to be as transparent as possible while at the same time preserving the security of our members without jeopardising the ongoing investigation,” wrote LinkedIn director Vicente Silveira. We take this criminal activity very seriously so we are working closely with the FBI as they aggressively pursue the perpetrators of this crime.”

Silveira noted the compromised passwords were not published with corresponding email logins, and that the majority of passwords were “hashed”, meaning they were still encoded, however he admitted that a subset of the passwords were decoded.

Silveira also stressed that the only information published was the list passwords. “We are not aware of any member information being published at any time in connection with the list of stolen passwords,” he wrote.

Also addressed was the speed of LinkedIn’s repose to the breach, reports of which first surfaced last Wednesday. Silveira said the company launched an investigation immediately after receiving confirmation of the breach, and by the end of Thursday, all passwords on the published list that were believed to have created risk for LinkedIn members had been disabled.

“This is true regardless of whether or not the passwords were decoded. After we disabled the passwords, we contacted members with instructions on how to reset their passwords,” he wrote. “Once again, we truly apologise for any inconvenience this has caused you, our members.”

Further concerns for social media users

Stolen passwords aren’t the only thing social media users have to worry about, a recent report from IT research firm Gartner indicated. The study found that corporate monitoring of employee behavior on social media sites like Facebook, Twitter or LinkedIn will rise to 60 percent by 2015.

The report also raises the question of who is actually looking at this information and the parties who have access to employee-monitoring tools, as well as the ethical and legal issues involved.

Users should also be aware of their activities on social media sites and how it impacts their prospects of being hired. More than a third of companies (37 percent) polled use social networking sites to research job candidates, according to an April survey from CareerBuilder.

A third (34 percent) of hiring managers who currently research candidates via social media said they have found information that has caused them not to hire a candidate, according to the report. That content ranges from evidence of inappropriate behaviour to information that contradicted their listed qualifications.

Do you know Google’s secrets? To find out, take our quiz.