The LinkedIn hack: what the experts think

Reaction to the LinkedIn hacking

Carl Leonard, senior security research manager EMEA, Websense

The compromise of a LinkedIn account has three important ramifications. First, the key concern is the bad actors taking advantage of trust. If you are 'linked' to a trusted colleague you are more likely to click on a malicious link sent from them, which may open the door to targeted attacks and confidential data theft.

Second, because many LinkedIn accounts are tied to other social media services, such as Facebook or Twitter, posts with malicious links can also be propagated to a larger audience.

And lastly, many of us are creatures of habit and have the same password for multiple accounts. The consequences of a breached password could be extrapolated across email, social media, banking accounts, and mobile phone data.

Orlando Scott-Cowley, Mimecast

While a data leak of this kind would be very worrying for individuals, a security issue with LinkedIn could also be potentially very damaging for businesses. With many users seeing the site as an extension of their business communications, rather than as a personal tool, employers need to be aware of the possible threat to corporate data that a LinkedIn breach could represent.

Now is a great time to educate your users on the benefits of password complexity and good password policies.

David Emm, senior security researcher at Kaspersky Lab

While LinkedIn says that they are notifying anyone with a compromised password that they need to change their password, we would recommend that anyone with a LinkedIn account takes the precaution of changing their password immediately.

Unfortunately, many people use the same password for multiple online accounts. This practice brings with it the risk that a compromise of one account puts all accounts at risk. We would urge everyone to use a unique, complex password for all online accounts, i.e. one that is at least eight characters and mixes letters, numbers and symbols.

John Yeo, Director at Trustwave SpiderLabs EMEA

It is important for all users of the social network to immediately change their password, not just on LinkedIn, but any other social network where the same password has been used. Perhaps more importantly however, users should also change any passwords to their corporate networks where they have used the same password.

Recent research conducted by Trustwave SpiderLabs found that in over 2.5 million passwords (in use within the workplace) that were analysed, variations on the word "password" made up more than 5% of passwords, and the most common password used by global businesses is "Password1" because it satisfies the default Microsoft Active Directory complexity setting. In approximately 15% of physical security tests, written passwords were found on and around workstations.

And finally… Vicente Silveira, LinkedIn

We want to provide you with an update on this morning's reports of stolen passwords. We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts.

It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases.

We sincerely apologize for the inconvenience this has caused our members. We take the security of our members very seriously.

LinkedIn hacked. Photograph, Getty Images.

Steve Evans is the deputy web editor of Computer Business Review.
