Despite all of the commotion about leaked passwords, hackers and the end of the world last week, LinkedIn has reassured its userbase that no accounts were breached. Hackers are believed to have got their hands on some 6.5 million passwords in what was the biggest security attack the business-focussed network has ever experienced to date.
LinkedIn has claimed that it took quick action to disable all of the affected passwords and quickly notified the users in order to prevent any further damage being done.
LinkedIn director Vincente Silveira said on the company blog:
“Thus far, we have no reports of member accounts being breached as a result of the stolen passwords.
“As soon as we learned of the theft, we launched an investigation to confirm that the passwords were LinkedIn member passwords.
“Once confirmed, we immediately began to address the risk to our members.
“We have built a world-class security team here at LinkedIn including experts such as Ganesh Krishnan, formerly vice president and chief information security officer at Yahoo!, who joined us in 2010. This team reports directly to LinkedIn’s senior vice president of operations, David Henke.
“Under this team’s leadership, one of our major initiatives was the transition from a password database system that hashed passwords, i.e. provided one layer of encoding, to a system that both hashed and salted the passwords, i.e. provided an extra layer of protection that is a widely recognized best practice within the industry.”
There’s been no official word yet about who carried out the attack, but it’s cear LinkedIn is taking the whole incident very seriously indeed as it’s enlisted the help of the FBI to catch the perpetrators.[Via Tech Digest]