Telling the world (or just your clients) that you’ve had a security breach is embarrassing and it has a huge effect on people’s confidence about your business. LinkedIn just announced such a breach and it spells nothing but trouble.
“On May 17, 2016, we became aware that data stolen from LinkedIn in 2012 was being made available online. This was not a new security breach or hack. We took immediate steps to invalidate the passwords of all LinkedIn accounts that we believed might be at risk. These were accounts created prior to the 2012 breach that had not reset their passwords since that breach.”
LinkedIn Trust & Safety Team
For an organisation that makes its living from the exchange of personal data, this is a serious issue. It means that everyone on the business networking site, all of whom have been notified of this situation, will be rethinking their membership (and if they’re not, they should be). We’re not saying ‘leave LinkedIn’ but what we are saying is that LinkedIn should enforce regular password changes and take every step possible to prevent this happening again.
LinkedIn has 433 million members – that’s a lot. That’s also a lot of data to be unsecured. The data affected was email addresses, passwords and member IDs. Hackers don’t always target such high profile sites, they go after any site randomly – accessing information, placing hidden links, installing hidden ‘back doors’ to your site and adding malware to infect your visitors. We were handed a problem website recently only to find 55,000 hidden links in a 100-page site.
Don’t risk your own security, no matter what size of business you are.
Don’t risk having to tell all your clients that their data has been exposed.