The most recent 2016 LinkedIn data breach is a continuation of the original data breach that occurred in 2012. At the time, LinkedIn’s investigation revealed 6.5 million stolen username and password combinations, and took precautionary measures to re-secure those accounts.
On May 19th however, a Russian hacker with the moniker “Peace” was confirmed to be selling a database of 117 million usernames and passwords from the 2012 data breach, making it clear that the scope of the original incident was far wider than users had been led to be believe.
All LinkedIn users have since been urged to change their passwords and implement the 2 step authentication process, requiring both a password and a SMS message, if they have not already done so.
In an increasingly digital world, data breaches have become nearly commonplace in their frequency, and with each event companies must walk a fine line between alarming and angering users and alerting them to a possible security threat.
In 2012, LinkedIn conservatively estimated the scope of the hack rather than force all its users to reset their passwords. Though this would have cast doubt on LinkedIn’s cyber security capability, the current situation has led to criticism that the company has failed to take cyber security seriously.
For more information, click here.