Date

Search News

Archive Crawler
India Asia Middle East Australasia Europe N.America S.America Africa
Finance Personnel Hardware Software Gaming Internet Telecom General
Home
PR Newswire
Business Wire India
RealWire
Finance
Personnel
Hardware
Software
Gaming
Internet
Telecom
General
Features
Globe Newswire
BizWire Express
Tech
-n-
Trivia


Google Custom Search
Click here for Free Industry Resources!
LinkedIn Summarizes Password Theft and Member Security Efforts
GlobeNewswire
2012-06-12


MOUNTAIN VIEW, Calif., June 12, 2012 (GLOBE NEWSWIRE) -- Since LinkedIn
became aware on the morning of June 6 of the theft of approximately 6.5
million passwords, we have communicated to our members and the media
regularly through various channels, including the company blog, email,
social media, and the LinkedIn homepage.

To ensure a broad and accurate awareness of the company's actions and
to give the public a general update, LinkedIn is providing the
following summary of information that we have made public about the
password theft and our subsequent investigation and response. This
alert consolidates key points made in previous communications from the
company. At this time, LinkedIn cannot release any further information
in order to protect our members and due to the ongoing investigation:

Member Commitment & Response


  --  First and foremost, LinkedIn takes all matters relating to our members'
      privacy and security seriously.

  --  We have been working around the clock since learning last Wednesday that
      a possible theft of passwords had occurred.

  --  As soon as we learned of the theft, we launched an investigation to
      confirm that the stolen passwords were, in fact, LinkedIn member
      passwords.

  --  The stolen passwords were not published with corresponding email
      logins.

  --  Once we were able to make this determination, we immediately began to
      address the risk to our members, prioritized as follows:





  --  Based on our investigation, those members whom we believed were at risk,
      and whose decoded passwords already had been published, had their
      passwords quickly disabled and were sent an email by our customer
      service team.

  --  By the end of Thursday, June 7, all passwords on the published list that
      we believed created risk for our members, based on our investigation,
      had been disabled. This is true, regardless of whether or not the
      passwords were decoded. After we disabled the passwords, we contacted
      members with instructions on how to reset their passwords.





  --  At this time, there have been no reports of compromised LinkedIn
      accounts as a result of this password theft.

  --  We are continuing to work with law enforcement as they investigate this
      crime.

  --  The health of our network, as measured by member growth and engagement,
      remains as strong as it was prior to the incident.




Technology Expertise


  --  LinkedIn's technology team includes world-class security experts. This
      team includes Ganesh Krishnan, the company's security czar, who
      previously served as vice president and Chief Information Security
      Officer at Yahoo! Inc. He and the entire security function at LinkedIn
      reports to Senior Vice President of Operations David Henke. Some
      corporate governance experts recommend that corporations officially name
      Chief Information Officers and Chief Information Security Officers.
      LinkedIn historically has limited C-level titles only to its Chief
      Executive Officer and Chief Financial Officer, so while Krishnan does
      not formally have the title of Chief Information Security Officer, that
      is the role he has played at the company since his hiring in 2010.

  --  The LinkedIn technology team has completed a long-planned transition
      from a password database system that hashed passwords, i.e. provided one
      layer of encoding, to a system that both hashes and salts the passwords,
      i.e. provides an extra layer of protection.

  --  For security reasons, we cannot discuss certain details of our ongoing
      security upgrades.

  --  We can confirm that all member passwords now are not only hashed, but
      also salted, to provide an additional layer of security.

  --  We will continue to investigate this criminal activity, and as we
      continue to upgrade security measures, we will keep our members updated.




Regulatory Compliance


  --  We are compliant with SEC regulatory filing obligations.
 
  --  In addition, we have been providing ongoing disclosures and updates to
      our members and to the public through postings on our corporate blog and
      now through this media alert.




We are profoundly sorry for this incident. Member security is vitally
important to us, and transparency is a priority as well. We will
provide further updates as warranted by any new developments.

About LinkedIn



Founded in 2003, LinkedIn connects the world's professionals to make
them more productive and successful. With 161 million members
worldwide, including executives from every Fortune 500 company,
LinkedIn is the world's largest professional network on the Internet.
The company has a diversified business model with revenue coming from
member subscriptions, marketing solutions and hiring solutions.
Headquartered in Silicon Valley, LinkedIn also has offices across the
Americas, Europe, and the Asia-Pacific.

The LinkedIn logo is available at
http://www.globenewswire.com/newsroom/prs/?pkgid=11096


CONTACT: Media Contact:
         press@linkedin.com