LinkedIn: Password Breach Cost Us As Much As $1m

LinkedIn’s password breach costs the firm a lot, but company claims damage was not significant

LinkedIn has confirmed the password theft that rocked the social networking company cost it between $500,000 and $1 million.

In June, 6.5 million passwords were stolen and published online. Although protected with SHA-1 hashes, there was no salting, meaning the hackers were able to crack some of the login details.

Steve Sordiello, chief financial officer at LinkedIn, said during a conference call that forensic work and “other elements” meant the company had to spend a significant amount. But otherwise, the overall impact would not have a significant material impact, he said.

No need to panic

“We have redoubled our efforts to ensure the safety of member accounts on LinkedIn by further improving password strengthening measures and enhancing the security of our infrastructure and data,” Jeff Weiner, CEO of LinkedIn, said earlier in the call on the firm’s second quarter financial results.

LinkedIn increased security protections after the breach, adding improved hashing and salting to its passwords. The company claimed it has not seen any malicious activity as a result of the breach, and that growth has remained as positive as it was prior to the incident.

Indeed, its membership base grew to 175 million in the second quarter. Revenue hit $228.2 million, representing a rise of 89 percent compared to $121 million the year before. However, profit fell to $2.8 million from  $4.5 million.

“LinkedIn had a strong second quarter with all of our key operating and financial metrics showing solid performance,” said Weiner said. “Our ongoing investment in product innovation drove healthy engagement as measured by unique visiting members and member page views and our three revenue streams all experienced significant growth.”

Various big-name organisations have been hit by password breaches of late. Just as LinkedIn was sued for its alleged lack of protection for user logins, Yahoo has been slapped with a lawsuit following a breach of its Voices blogging community.

Are you a security guru? Test yourself with our quiz!