Facebook for professionals, LinkedIn, has come open with information on data breach affecting some of its users. In a statement aimed at allaying the fears of its users, LinkedIn said it became aware that data stolen from LinkedIn in 2012 was being made available online. It however said the security breach wasn’t a new one.
“We took immediate steps to invalidate the passwords of all LinkedIn accounts that we believed might be at risk. These were accounts created prior to the 2012 breach that had not reset their passwords since that breach,” LinkedIn said.
The data set involved in the hack include member email addresses, hashed passwords, and LinkedIn member IDs (an internal identifier LinkedIn assigns to each member profile) from 2012.
In response, the company said it invalidated passwords of all LinkedIn accounts created prior to the 2012 breach that had not reset their passwords since that breach.
“In addition, we are using automated tools to attempt to identify and block any suspicious activity that might occur on LinkedIn accounts. We are also actively engaging with law enforcement authorities.”
“LinkedIn has taken significant steps to strengthen account security since 2012. For example, we now use salted hashes to store passwords and enable additional account security by offering our members the option to use two-step verification.”