Lynda.com is an online learning platform that was acquired last year by LinkedIn.
The company started notifying its customers over the weekend, hackers accessed learning data, including attempted courses and contact data. At the time I was writing there is no evidence of password exposure anyway and the company has notified law enforcement. LinkedIn, who owns the company, confirmed the incident and revealed that passwords of 55,000 users have been reset as a precaution, the overall number of impacted users could reach 9.5 million.
“You may have received an email notification from Lynda.com explaining that we recently became aware that an unauthorized third party accessed a database that included some Lynda.com learning data, such as contact information and courses viewed. We are informing users out of an abundance of caution.” reads the official statement from the company.
“We have no evidence that any data has been made publicly available.”
In response to the data breach LinkedIn announced further measures to protect Lynda.com user accounts.
This isn’t the first time LinkedIn suffers a data breach, in 2012 the company was hacked and data belonging to 117 million users were stolen by hackers. It was initially believed that the incident only affected 6.5 million accounts.
In October, the Czech police, working with the FBI, arrested a Russian man at a hotel in Prague that is suspected to be involved in the 2012 LinkedIn hack.
The cascading effects of the 2012 LinkedIn breach are still being felt throughout the business world. In June, CERT-Bund, Germany’s Computer Emergency Response Team for federal agencies, released a warning that corporate executives may be being targeted with malicious emails using information likely gained by hackers as a result of the 2012 breach.
CERT-Bund released a screenshot via its twitter feed, of an email containing a fake invoice targeting a business executive at an undisclosed organization.
In November, researchers from Heimdal Security reported a recent LinkedIn phishing campaign aiming to collect confidential information from unsuspecting users.
(Security Affairs – Lynda.com, hacking)