LinkedIn skill learning unit Lynda.com hit by database breach

The online learning platform reset passwords for close to 55,000 affected users

Lynda.com, the online learning unit of LinkedIn, has reset passwords for some of its users after it discovered recently that an unauthorized external party had accessed a database containing user data.

The passwords of close to 55,000 affected users were reset as a precautionary measure and they have been notified of the issue, LinkedIn said in a statement over the weekend.

The professional network is also notifying about 9.5 million Lynda.com users who “had learner data, but no protected password information,” in the breached database. “We have no evidence that any of this data has been made publicly available and we have taken additional steps to secure Lynda.com accounts,” according to the statement.

In a notice to users, Lynda.com said that the database breach could have included some of the users’ Lynda.com learning data, such as contact information and courses viewed. It added that it was warning users out of an abundance of caution.

The company said in a reply on Twitter that it was taking the issue very seriously and was working with law enforcement.

Lynda.com was acquired by LinkedIn for US$1.5 billion in a cash and stock deal. The parent was in turn acquired by Microsoft this month after meeting regulatory approval from the European Union for the all-cash transaction worth US$26.2 billion.

The breach at Lynda.com comes a little after Yahoo said last week that data relating to over a whopping 1 billion user accounts had been stolen in 2013. This is the second big breach reported by Yahoo, with the other affecting at least 500 million users.

LinkedIn has had its own problems with breaches. It said in May it had reset passwords of a large number of members of its network after data had been released on the dark web that claimed to be email and hashed password combinations of 100 million LinkedIn members from a data breach in 2012. Some 6.5 million user records and hashed passwords were posted online after the 2012 hack.

On Twitter, a number of people were not unexpectedly disturbed about the development, with one user questioning how users would be compensated for the loss of privacy.

Show Comments