LinkedIn-owned online learning platform lynda.com, which now comes under Microsoft, has allegedly been breached and is now notifying its 9.5 million users of the same. There is currently no word on the repercussions (or sale) of the breached data but the company isn’t leaving any stones unturned to protect the users privacy.
The breach in the company’s database has been confirmed to VentureBeat by a spokesperson who says that Lynda.com is alerting everyone of the third party access even if they were affected or not. The company believes that over 55,000 user accounts along with their passwords, learning data, courses viewed, and contact information were breached.
But LinkedIn — which includes Lynda’s content library into its own new learning product — isn’t toying with the user’s security and has sent password reset requests to all of Lynda.com users out of “an abundance of caution.” The notification sent by Lynda.com to its users reads:
We recently became aware that an unauthorized third party breached a database that included some of your Lynda.com learning data, such as contact information and courses viewed. We are informing you of this issue out of an abundance of caution.
Please know that we have no evidence that this data included your password. And while we have no evidence that your specific account was accessed or that any data has been made publicly available, we wanted to notify you as a precautionary measure.
If you have questions, we encourage you to contact us through our Support Center.
The Lynda.com team
The company, though, adds that the handful of passwords that were breached were “cryptographically salted and hashed.” It also confirms that no payment (credit/debit card) information was stolen in the process. Talking about the same, the spokesperson added,
We have no evidence that any of this data has been made publicly available and we have taken additional steps to secure Lynda.com accounts.
Though this breach adds to the rapidly growing list of cyber attacks but it surprisingly pales in comparison to other recent hacks, including the massive 117 million account LinkedIn breach. There is currently no info on whether the two are connected but there is a possibility of the same. Also, the disclosure of this breach comes on the heels of the billion account hack reveal by Yahoo, whose $4.8 billion acquisition – unlike LinkedIn — in now in jeopardy.