Hackers may know what courses you took on Microsoft’s online learning site.

Lynda.com, the online learning site owned by Microsoft’s LinkedIn, reset 55,000 customer account passwords after disclosing a data breach this weekend.

LinkedIn's Lynda.com Resets 55,000 Passwords After Data Breach
Hackers accessed a database containing information on 9.5 million accounts—such as customer’s names, email addresses, and courses viewed—the company said in a statement on Saturday. “We are informing you of this issue out of an abundance of caution,” the note said.

The targeted database also included about 55,000 account passwords, a LinkedIn spokesperson told Fortune. These credentials were “cryptographically salted hashed,” the spokesperson said, referring to a pair of security measures that render stored data harder to decipher.

The LinkedIn spokesperson clarified in a follow-up note that the company’s information security team used the “PBKDFv2” algorithm to hash the passwords. (Some hashing algorithms, like “bcrypt,” an industry standard, are considered superior to others, like “MD5,” a more easily crackable predecessor.)

In response to Fortune’s inquiry about the time of the attack as well as its discovery, the spokesperson merely said, “This is a recent issue which we took immediate action to mitigate.”

Lynda.com said it is notifying victims of the theft. “We have no evidence that any of this data has been made publicly available and we have taken additional steps to secure Lynda.com accounts,” the LinkedIn spokesperson said.

LinkedIn, the professional social networking site, purchased Lynda.com for $1.5 billion last year. Microsoft later announced its intention to acquire LinkedIn for $26.2 billion in June, a deal which closed this month.

Read full article on Fortune.

Write A Comment