Last week, news sources reported that the data breach that occurred at LinkedIn in 2012 was actually much, much larger than originally thought. The breach was originally thought to have affected almost 6.5 million accounts, but security researchers have now discovered a much larger data dump, containing 117 million login credentials, offered for sale on the dark web. LinkedIn has acknowledged the news and has taken steps to invalidate credentials for all accounts that have not reset their passwords since the data breach occurred, reminding all users that changing passwords frequently is a recommended security practice and recommending that users consider two-factor authentication.
The response makes no acknowledgement, however, that password re-use may compound the severity of the breach. If a now-exposed password has also been used on other sites, access to those sites is now compromised as well. If you’re still using (or re-using) the password you used for LinkedIn prior to 2012 on any other site, now is the time to change your password on those sites as well.
Another interesting item in this news story underscores how prevalent insecure passwords are. Brian Krebs reported on his blog, citing LeakedSource, that “just 50 easily guessed passwords made up more than 2.2 million of the 117 million encrypted passwords exposed in the breach.” The top three used: ‘123456,’ ‘linkedin,’ and ‘password.’
This is also another example of a breached company that only learned the scope of the breach when credentials were found online some years after the breach originally occurred. The Verizon 2016 Data Breach Investigations Report has reported similar findings, noting that the method of discovery for data breaches has, over time, seen recent rises in the percentage of breaches discovered only by third parties or law enforcement. Many data breach victims only discover an attack has occurred after the fact, when someone else discovers the data or the subsequent fraud. All too often, companies lack the security monitoring necessary to prevent an attack, or at least to discover it and mitigate the damage.
We see that this is true even for large companies, such as Home Depot, Target and LinkedIn, but for smaller organizations, which often lack the time, budget, and resources of their larger enterprise counterparts, reaching this level of security posture can be particularly difficult. For mid-market organizations, managed security services that combine aspects of people, process, and technology to help your organization achieve its security objectives can be an effective and affordable choice.
More and more, organizations that were previously understaffed, underbudgeted, and overwhelmed are finding that EiQ’s managed security services that combine the best people, process, and technology are a welcome change from going it alone. EiQ is transforming how mid-market organizations build enterprise-class security programs. Acting as an extension of our customers’ IT teams, EiQ’s SOCVue provides continuous security operations based on best-of-breed technology at a fraction of the cost of alternative solutions. EiQ is a trusted advisor to organizations that need to improve their IT security and compliance posture by protecting their infrastructure against cyber threats and vulnerabilities. To learn more, please request a demo today.