MOUNTAIN VIEW, Calif., June 12, 2012 (GLOBE NEWSWIRE) -- Since LinkedIn
became aware on the morning of June 6 of the theft of approximately 6.5
million passwords, we have communicated to our members and the media
regularly through various channels, including the company blog, email,
social media, and the LinkedIn homepage.
To ensure a broad and accurate awareness of the company's actions and
to give the public a general update, LinkedIn is providing the
following summary of information that we have made public about the
password theft and our subsequent investigation and response. This
alert consolidates key points made in previous communications from the
company. At this time, LinkedIn cannot release any further information
in order to protect our members and due to the ongoing investigation:
Member Commitment & Response
-- First and foremost, LinkedIn takes all matters relating to our members'
privacy and security seriously.
-- We have been working around the clock since learning last Wednesday that
a possible theft of passwords had occurred.
-- As soon as we learned of the theft, we launched an investigation to
confirm that the stolen passwords were, in fact, LinkedIn member
-- The stolen passwords were not published with corresponding email
-- Once we were able to make this determination, we immediately began to
address the risk to our members, prioritized as follows:
-- Based on our investigation, those members whom we believed were at risk,
and whose decoded passwords already had been published, had their
passwords quickly disabled and were sent an email by our customer
-- By the end of Thursday, June 7, all passwords on the published list that
we believed created risk for our members, based on our investigation,
had been disabled. This is true, regardless of whether or not the
passwords were decoded. After we disabled the passwords, we contacted
members with instructions on how to reset their passwords.
-- At this time, there have been no reports of compromised LinkedIn
accounts as a result of this password theft.
-- We are continuing to work with law enforcement as they investigate this
-- The health of our network, as measured by member growth and engagement,
remains as strong as it was prior to the incident.
-- LinkedIn's technology team includes world-class security experts. This
team includes Ganesh Krishnan, the company's security czar, who
previously served as vice president and Chief Information Security
Officer at Yahoo! Inc. He and the entire security function at LinkedIn
reports to Senior Vice President of Operations David Henke. Some
corporate governance experts recommend that corporations officially name
Chief Information Officers and Chief Information Security Officers.
LinkedIn historically has limited C-level titles only to its Chief
Executive Officer and Chief Financial Officer, so while Krishnan does
not formally have the title of Chief Information Security Officer, that
is the role he has played at the company since his hiring in 2010.
-- The LinkedIn technology team has completed a long-planned transition
from a password database system that hashed passwords, i.e. provided one
layer of encoding, to a system that both hashes and salts the passwords,
i.e. provides an extra layer of protection.
-- For security reasons, we cannot discuss certain details of our ongoing
-- We can confirm that all member passwords now are not only hashed, but
also salted, to provide an additional layer of security.
-- We will continue to investigate this criminal activity, and as we
continue to upgrade security measures, we will keep our members updated.
-- We are compliant with SEC regulatory filing obligations.
-- In addition, we have been providing ongoing disclosures and updates to
our members and to the public through postings on our corporate blog and
now through this media alert.
We are profoundly sorry for this incident. Member security is vitally
important to us, and transparency is a priority as well. We will
provide further updates as warranted by any new developments.
Founded in 2003, LinkedIn connects the world's professionals to make
them more productive and successful. With 161 million members
worldwide, including executives from every Fortune 500 company,
LinkedIn is the world's largest professional network on the Internet.
The company has a diversified business model with revenue coming from
member subscriptions, marketing solutions and hiring solutions.
Headquartered in Silicon Valley, LinkedIn also has offices across the
Americas, Europe, and the Asia-Pacific.
The LinkedIn logo is available at
CONTACT: Media Contact: