Lynda.com, the training arm of LinkedIn, on Saturday issued email notices to about 55,000 members whose data it says has been perused by an “unauthorized third party.”
The letter sent to members, two of whom thoughtfully forwarded it to El Reg, reads as follows:
We recently became aware that an unauthorized third party breached a database that included some of your Lynda.com learning data, such as contact information and courses viewed. We are informing you of this issue out of an abundance of caution.
Please know that we have no evidence that this data included your password. And while we have no evidence that your specific account was accessed or that any data has been made publicly available, we wanted to notify you as a precautionary measure.
The Register asked LinkedIn when the breach detected, when it occurred and how many people were impacted.
The company offered a statement penned by an un-named spokesperson, re-stating news of the breach and offering the following.
As a precautionary measure, we reset passwords for the less than 55,000 Lynda.com users affected and are notifying them of the issue. We’re also working to notify approximately 9.5 million Lynda.com users who had learner data, but no protected password information, in the database. We have no evidence that any of this data has been made publicly available and we have taken additional steps to secure Lynda.com accounts.
LinkedIn has form when it comes to breaches: earlier this year the company downplayed the sale of 117m user records. Which is a trivial number compared to the billion users records Yahoo! last week admitted it had lost, probably as a result of management fearing a costly and complex encryption re-tooling effort. ®