“We continue to execute on our security roadmap, and we’ll be releasing additional enhancements to better protect our members,” said Vicente Silveira, a director at LinkedIn, in a blog post.
Silveira revealed that prior to the attack, LinkedInwas already working on a “transition from a password database system with hashed passwords — which provided one layer of encoding — to a system with both hashed and salted passwords”. According to Silveira, new system ensured an extra layer of protection, which is considered to be the best practice in the industry.
Silveira also said that the accounts whose passwords haven't been disabled are unlikely to be at risk. However, Silveira once again urged users to reset their passwords.
In his blog post, Silveria also responded to criticism that LinkedIn was slow to respond to the data breach. “Based on our investigation, those members whom we believed were at risk, and whose decoded passwords already had been published, had their passwords quickly disabled and were sent an email by the Customer Service team,” he added.
The professional social network has been widely criticised for its 'silence' on the security breach. Critics are of the opinion that the security breach has put LinkedIn's reputation on the line and that the social network's growth may slow down in near future.
News that LinkedIn had suffered a massive hack surfaced last week after a Russian hacker posted 6,458,020 encrypted passwords on a website. Acknowledging the security breach, LinkedIn tendered apology to its users. Users whose decoded passwords were leaked online had their passwords disabled. They will be soon receiving an e-mail by LinkedIn's customer service team with instructions on how to reset their passwords. The company is working closely with FBI, to pursue the perpetrators of the crime.
No comments:
Post a Comment