In the wake of a massive security breach on the business networking site LinkedIn, which resulted in the leaking of roughly 6.5 million user passwords and their subsequently being published on an unauthorized Website, the company has issued a blog post to answer some of the most frequently asked questions about the breach. The company has also enlisted the help of the FBI for an investigation into the breach.
“We want to be as transparent as possible while at the same time preserving the security of our members without jeopardizing the ongoing investigation,” wrote LinkedIn director Vicente Silveira. “We take this criminal activity very seriously, so we are working closely with the FBI as they aggressively pursue the perpetrators of this crime.”
Silveira noted the compromised passwords were not published with corresponding email log-ins, and that the majority of passwords were “hashed”, meaning they were still encoded; however, he confessed that a subset of the passwords was decoded. Silveira also stressed that the only information published was the list passwords. “We are not aware of any member information being published at any time in connection with the list of stolen passwords,” he wrote.
Also addressed was the speed of LinkedIns response to the breach, reports of which first surfaced last Wednesday. Silveira said the company launched an investigation immediately after receiving confirmation of the breach, and by the end of Thursday, all passwords on the published list that were believed to have created risk for LinkedIn members had been disabled. “This is true, regardless of whether or not the passwords were decoded. After we disabled the passwords, we contacted members with instructions on how to reset their passwords,” he wrote. “Once again, we truly apologize for any inconvenience this has caused you, our members.”
Stolen passwords arent the only thing social media users have to worry about, a recent report from IT research firm Gartner indicated. The study found that corporate monitoring of employee behavior on social media sites like Facebook, Twitter or LinkedIn will rise to 60 percent by 2015. The report also raises the question of who is actually looking at this information and the parties who have access to employee-monitoring tools, as well as the ethical and legal issues involved.
Users should also be aware of their activities on social media sites and how that impacts their prospects of being hired. An April study from job-search site CareerBuilder shows that more than a third of companies (37 percent) polled use social networking sites to research job candidates. About a third (34 percent) of hiring managers who currently research candidates via social media said they have found information that has caused them not to hire a candidate, according to the report. That content ranges from evidence of inappropriate behavior to information that contradicted their listed qualifications.
