DGAP-News: LinkedIn Summarizes Password Theft and Member Security Efforts
(firmenpresse) - LinkedIn
13.06.2012 04:13
---------------------------------------------------------------------------
MOUNTAIN VIEW, Calif., 2012-06-13 04:12 CEST (GLOBE NEWSWIRE) --
Since LinkedIn became aware on the morning of June 6 of the theft of
approximately 6.5 million passwords, we have communicated to our members and
the media regularly through various channels, including the company blog,
email, social media, and the LinkedIn homepage.
To ensure a broad and accurate awareness of the company's actions and to give
the public a general update, LinkedIn is providing the following summary of
information that we have made public about the password theft and our
subsequent investigation and response. This alert consolidates key points made
in previous communications from the company. At this time, LinkedIn cannot
release any further information in order to protect our members and due to the
ongoing investigation:
Member Commitment&Response
-- First and foremost, LinkedIn takes all matters relating to our members'
privacy and security seriously.
-- We have been working around the clock since learning last Wednesday that a
possible theft of passwords had occurred.
-- As soon as we learned of the theft, we launched an investigation to confirm
that the stolen passwords were, in fact, LinkedIn member passwords.
-- The stolen passwords were not published with corresponding email logins.
-- Once we were able to make this determination, we immediately began to
address the risk to our members, prioritized as follows:
-- Based on our investigation, those members whom we believed were at risk,
and whose decoded passwords already had been published, had their passwords
quickly disabled and were sent an email by our customer service team.
-- By the end of Thursday, June 7, all passwords on the published list that we
believed created risk for our members, based on our investigation, had been
disabled. This is true, regardless of whether or not the passwords were
decoded. After we disabled the passwords, we contacted members with
instructions on how to reset their passwords.
-- At this time, there have been no reports of compromised LinkedIn accounts
as a result of this password theft.
-- We are continuing to work with law enforcement as they investigate this
crime.
-- The health of our network, as measured by member growth and engagement,
remains as strong as it was prior to the incident.
Technology Expertise
-- LinkedIn's technology team includes world-class security experts. This team
includes Ganesh Krishnan, the company's security czar, who previously
served as vice president and Chief Information Security Officer at Yahoo!
Inc. He and the entire security function at LinkedIn reports to Senior Vice
President of Operations David Henke. Some corporate governance experts
recommend that corporations officially name Chief Information Officers and
Chief Information Security Officers. LinkedIn historically has limited
C-level titles only to its Chief Executive Officer and Chief Financial
Officer, so while Krishnan does not formally have the title of Chief
Information Security Officer, that is the role he has played at the company
since his hiring in 2010.
-- The LinkedIn technology team has completed a long-planned transition from apassword database system that hashed passwords, i.e. provided one layer of
encoding, to a system that both hashes and salts the passwords, i.e.
provides an extra layer of protection.
-- For security reasons, we cannot discuss certain details of our ongoing
security upgrades.
-- We can confirm that all member passwords now are not only hashed, but also
salted, to provide an additional layer of security.
-- We will continue to investigate this criminal activity, and as we continue
to upgrade security measures, we will keep our members updated.
Regulatory Compliance
-- We are compliant with SEC regulatory filing obligations.
-- In addition, we have been providing ongoing disclosures and updates to our
members and to the public through postings on our corporate blog and now
through this media alert.
We are profoundly sorry for this incident. Member security is vitally important
to us, and transparency is a priority as well. We will provide further updates
as warranted by any new developments.
About LinkedIn
Founded in 2003, LinkedIn connects the world's professionals to make them more
productive and successful. With 161 million members worldwide, including
executives from every Fortune 500 company, LinkedIn is the world's largest
professional network on the Internet. The company has a diversified business
model with revenue coming from member subscriptions, marketing solutions and
hiring solutions. Headquartered in Silicon Valley, LinkedIn also has offices
across the Americas, Europe, and the Asia-Pacific.
The LinkedIn logo is available at
http://www.globenewswire.com/newsroom/prs/?pkgid=11096
CONTACT: Media Contact:
press(at)linkedin.com
News Source: NASDAQ OMX
13.06.2012 Dissemination of a Corporate News, transmitted by DGAP -
a company of EquityStory AG.
The issuer is solely responsible for the content of this announcement.
DGAP's Distribution Services include Regulatory Announcements,
Financial/Corporate News and Press Releases.
Media archive at www.dgap-medientreff.de and www.dgap.de
---------------------------------------------------------------------------
Language: English
Company: LinkedIn
United States
Phone:
Fax:
E-mail:
Internet:
ISIN: US53578A1088
WKN:
End of Announcement DGAP News-Service
---------------------------------------------------------------------------
Themen in dieser Pressemitteilung:
Unternehmensinformation / Kurzprofil:
Datum: 13.06.2012 - 04:13 Uhr
Sprache: Deutsch
News-ID 155857
Anzahl Zeichen: 0
contact information:
Kategorie:
Business News
Diese Pressemitteilung wurde bisher 301 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"DGAP-News: LinkedIn Summarizes Password Theft and Member Security Efforts"
steht unter der journalistisch-redaktionellen Verantwortung von
LinkedIn (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
