Partner Article

LinkedIn breach highlights need for security intelligence

It has been revealed that the LinkedIn breach of 2012 was a lot more serious than previously thought. At the time, researchers found almost 6.5 million credentials belonging to site users, however the login credentials for more than 117 million LinkedIn accounts have now been put up for sale online with an asking price of $2,200. These credentials include email addresses, as well as poorly scrambled passwords. LinkedIn is working to invalidate the passwords that may still be actively used on compromised accounts.

“This is a perfect example of why it is so important to have full monitoring and response capabilities across corporate networks so that breaches can be identified, evaluated and stopped immediately,” said Ross Brewer, managing director of EMEA at LogRhythm. “Without this, businesses are running blind. We now know that millions of passwords weren’t refreshed at the time of breach in 2012, which means hackers have had their hands on a lot of passwords for a long time. With so many people still using the same passwords for multiple online accounts – despite advice to the contrary – this could have potentially put many of their other online accounts and portals at risk.

“The fact that LinkedIn was breached is neither a new nor surprising story – what matters is that today’s hackers are so sophisticated in their methods that they will get in, but they can be stopped,” continued Brewer. “What is worrying is that it took four years to fully understand the magnitude of this attack – and that only came to light when hackers decided to sell. With the EU GDPR coming into effect soon, businesses will be forced to report all breaches within a defined notification window, which means they cannot afford to make an underestimation as big as this. It’s crucial businesses use security intelligence so that they have full visibility into the extent of a breach as soon as it happens. Rapid detection is required to identify anomalous activity before it leads to a damaging data breach. Once this activity had been detected, organisations need to quickly and often automatically respond to diminish the threat and reduce the any risk to major information assets.”

This was posted in Bdaily's Members' News section by LogRhythm .