Yes, you’ve read it right! Even big companies like LinkedIn, which is worlds largest professional networking platform, is said to have ignored data security practices all these days.
On May 25th-26th, 2016, the company sent an email notice to all customers stating
“You may have heard reports recently about a security issue involving LinkedIn.” It continued to say, in effect, “Let us now distort and misrepresent those reports to make us sound as good as possible…..”
The main crux of this entire message was that, way back in 2012, LinkedIn servers were hacked and a file containing 6.5 million unique hashed passwords, member email addresses and LinkedIn member IDs were spilled in this process. Now, all that stolen information is said to have resurfaced on internet.
At that time, Business Oriented LinkedIn took immediate steps to invalidate the passwords of all LinkedIn Accounts that were believed to be at risk. However, this move was optional i.e. left to the user’s choice and so security experts from Kaspersky considered this move as ‘not’ a fool-proof method to secure user accounts.
Why, in May 2016, is California based LinkedIn invalidating those passwords and why in the world would LinkedIn has ignored the problem for so long?
May at that time the company did not take the implications seriously. Now, the company came to know that a large segment of users were still using the old passwords in the possession of cyber thieves and so has reacted.
And imagine, if big companies like LinkedIn, which has a user base of over 400 million, ignore data security practices, how will they set example for small companies?
So, before you renew your account, think on this issue guys!