The LinkedIn hack: what the experts think

Reaction to the LinkedIn hacking

Carl Leonard, senior security research manager EMEA, Websense

The compromise of a LinkedIn account has three important ramifications. First, the key concern is the bad actors taking advantage of trust. If you are 'linked' to a trusted colleague you are more likely to click on a malicious link sent from them, which may open the door to targeted attacks and confidential data theft.

Second, because many LinkedIn accounts are tied to other social media services, such as Facebook or Twitter, posts with malicious links can also be propagated to a larger audience.

And lastly, many of us are creatures of habit and have the same password for multiple accounts. The consequences of a breached password could be extrapolated across email, social media, banking accounts, and mobile phone data.

Orlando Scott-Cowley, Mimecast

While a data leak of this kind would be very worrying for individuals, a security issue with LinkedIn could also be very potentially damaging for businesses. With many users seeing the site as an extension of their business communications, rather than as a personal tool, employers need to be aware about the possible threat to corporate data that a LinkedIn breach could represent.

Now is a great time to educate your users on the benefits of password complexity and good password policies.

David Emm, senior security researcher at Kaspersky Lab

While LinkedIn says that they are notifying anyone with a compromised password that they need to change their password, we would recommend that anyone with a LinkedIn account takes the precaution of changing their password immediately.

Unfortunately, many people use the same password for multiple online accounts. This practice brings with it the risk that a compromise of one account puts all accounts at risk. We would urge everyone to use a unique, complex password for all online accounts, i.e. one that is at least eight characters and mixes letters, numbers and symbols.

John Yeo, Director at Trustwave SpiderLabs EMEA

It is important for all users of the social network to immediately change their password, not just on LinkedIn, but any other social network where the same password has been used. Perhaps more importantly however, users should also change any passwords to their corporate networks where they have used the same password.

Recent research conducted by Trustwave SpiderLabs found that in over 2.5 million passwords (in use within the workplace) that were analysed, variations on the word "password" made up more than 5% of passwords, and the most common password used by global businesses is "Password1" because it satisfies the default Microsoft Active Directory complexity setting. In approximately 15% of physical security tests, written passwords were found on and around workstations.

And finally… Vicente Silveira, LinkedIn

We want to provide you with an update on this morning's reports of stolen passwords. We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts.

It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases.

We sincerely apologize for the inconvenience this has caused our members. We take the security of our members very seriously.

Linkedin hacked. Photograph, Getty Images.

Steve Evans is the deputy web editor of Computer Business Review.

Photo: Getty Images
Show Hide image

What do Labour's lost voters make of the Labour leadership candidates?

What does Newsnight's focus group make of the Labour leadership candidates?

Tonight on Newsnight, an IpsosMori focus group of former Labour voters talks about the four Labour leadership candidates. What did they make of the four candidates?

On Andy Burnham:

“He’s the old guard, with Yvette Cooper”

“It’s the same message they were trying to portray right up to the election”​

“I thought that he acknowledged the fact that they didn’t say sorry during the time of the election, and how can you expect people to vote for you when you’re not actually acknowledging that you were part of the problem”​

“Strongish leader, and at least he’s acknowledging and saying let’s move on from here as opposed to wishy washy”

“I was surprised how long he’d been in politics if he was talking about Tony Blair years – he doesn’t look old enough”

On Jeremy Corbyn:

"“He’s the older guy with the grey hair who’s got all the policies straight out of the sixties and is a bit of a hippy as well is what he comes across as” 

“I agree with most of what he said, I must admit, but I don’t think as a country we can afford his principles”

“He was just going to be the opposite of Conservatives, but there might be policies on the Conservative side that, y’know, might be good policies”

“I’ve heard in the paper he’s the favourite to win the Labour leadership. Well, if that was him, then I won’t be voting for Labour, put it that way”

“I think he’s a very good politician but he’s unelectable as a Prime Minister”

On Yvette Cooper

“She sounds quite positive doesn’t she – for families and their everyday issues”

“Bedroom tax, working tax credits, mainly mum things as well”

“We had Margaret Thatcher obviously years ago, and then I’ve always thought about it being a man, I wanted a man, thinking they were stronger…  she was very strong and decisive as well”

“She was very clear – more so than the other guy [Burnham]”

“I think she’s trying to play down her economics background to sort of distance herself from her husband… I think she’s dumbing herself down”

On Liz Kendall

“None of it came from the heart”

“She just sounds like someone’s told her to say something, it’s not coming from the heart, she needs passion”

“Rather than saying what she’s going to do, she’s attacking”

“She reminded me of a headteacher when she was standing there, and she was quite boring. She just didn’t seem to have any sort of personality, and you can’t imagine her being a leader of a party”

“With Liz Kendall and Andy Burnham there’s a lot of rhetoric but there doesn’t seem to be a lot of direction behind what they’re saying. There seems to be a lot of words but no action.”

And, finally, a piece of advice for all four candidates, should they win the leadership election:

“Get down on your hands and knees and start praying”

Stephen Bush is editor of the Staggers, the New Statesman’s political blog.