![]() “This is the serious social networking site. LinkedIn is a natural target for data thieves because the site stores valuable information about millions of professionals, including well-known business leaders. “There is no guarantee that information may not be accessed, copied, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.” NATURAL TARGET “Since the Internet is not a 100 percent secure environment, we cannot ensure or warrant the security of any information you transmit to LinkedIn,” it cautions. “Personal information you provide will be secured in accordance with industry standards and technology,” according to the privacy policy on. Their user statement spells out the steps it will take to protect customer data and the risks customers face. “If they can demonstrate that information hadn’t been comprised, that would certainly give them a defense,” Ferguson said.Ĭompany representatives declined to respond to the criticism of their techniques for protecting passwords or any potential legal implications. He said that LinkedIn could face lawsuits if accounts had been breached since its terms of use say it employs the industry standard for security. There could be legal repercussions for that failure to comply with industry standards, said Gerald Ferguson, an attorney at Baker Hostetler who is an expert on privacy and intellectual property law. ![]() ![]() Several experts said the company fell down in the way it encrypted, or scrambled, the passwords that were stored in the database.Ĭarr of Taia Global said LinkedIn did not follow an industry standard for encryption, which requires use of a technique known as “salting” that greatly increases the amount of time and computer power needed to crack an encrypted password. “As long as they don’t know what happened here, there is a good chance that it is more widespread than originally thought.”Ĭustomers whose passwords were among those stolen were still getting notified by LinkedIn as of Friday afternoon, days after news of the breach first surfaced. ![]() “There is going to be more to come,” said Jeffrey Carr, chief executive of security firm Taia Global. The dearth of information has left some security professionals and customers worried that LinkedIn’s computer systems may have suffered a more serious breach. LinkedIn LNKD.N has hired outside forensics experts to assist as company engineers and the FBI seek to determine how more than 6 million customer passwords turned up on underground sites frequented by criminal hackers.Ĭompany spokesman Hani Durzy said LinkedIn has invalidated the stolen passwords, even though it does not know if any other account information was stolen besides passwords. Some cyber security experts say LinkedIn did not have adequate protections in place, and warn that the company could uncover further data-losses over coming days as it tries to figure out what happened. Several days after news of the theft of the passwords emerged, the site with more than 160 million members still says it has yet to determine the full extent of the breach. These passwords were protected to an extent but not "salted" - that is, protected by an additional layer of random digits designed to make them harder to crack.The sign up page of is seen in Singapore in this file photo taken May 20, 2011. Motherboard says it looked at a sample of more than one million stolen credentials provided by LeakSource. People may not have taken it very seriously back then as it was not spread," an individual associated with LeakedSource reportedly told Motherboard. The company added that it will invalidate passwords for all accounts that were created prior to the data breach if those passwords have not been updated since the incident.Īccording to sources quoted by Motherboard, the stolen data currently lives in two places: on the illegal marketplace The Real Deal and on the hacked data search engine LeakedSource. ![]() "We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords," LinkedIn said in a statement on Wednesday. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |