LinkedIn has emailed its members a notice on data breach, even as it reiterated that it is taking steps to help protect its members.
According to the email, LinkedIn became aware on May 17 that data stolen from LinkedIn in 2012 was being made available online. It emphasized that “this was not a new security breach or hack.”
Information involved in the breach include: member email addresses, hashed passwords, and LinkedIn member IDs (an internal identifier LinkedIn assigns to each member profile) from 2012.
Already, LinkedIn “took immediate steps to invalidate the passwords of all LinkedIn accounts that we believed might be at risk. These were accounts created prior to the 2012 breach that had not reset their passwords since that breach.” In addition, “we are using automated tools to attempt to identify and block any suspicious activity that might occur on LinkedIn accounts. We are also actively engaging with law enforcement authorities.”
However, even as LinkedIn itself is taking steps to strengthen security, “we always suggest that our members visit our Safety Center to learn about enabling two-step verification, and implementing strong passwords in order to keep their accounts as safe as possible. We recommend that you regularly change your LinkedIn password and if you use the same or similar passwords on other online services, we recommend you set new passwords on those accounts as well,” LinkedIn ended.
