Online learning company Lynda.com, a subsidiary of LinkedIn, which is now officially a subsidiary of Microsoft, today sent out an email to some users alerting them to a breach of a database that includes contact information and courses some users viewed. Altogether, it’s emailing about 9.5 million users whose passwords weren’t included in the affected database, a LinkedIn spokesperson told VentureBeat in an email.
But there was a small percentage of users (fewer than 55,000) whose passwords were in the breached database, and Lynda.com has reset their passwords and informed them that it has done so. The passwords were “cryptographically salted and hashed” and no credit card information was included, the spokesperson wrote.
“We have no evidence that any of this data has been made publicly available and we have taken additional steps to secure Lynda.com accounts,” the spokesperson wrote.
The Lynda.com incident comes a few days after Yahoo disclosed a hack of data affecting more than 1 billion user accounts. But the LinkedIn spokesperson noted that the two incidents were not related.
In any case, here’s the note that Lynda.com sent to people whose passwords weren’t part of the breach:
We recently became aware that an unauthorized third party breached a database that included some of your Lynda.com learning data, such as contact information and courses viewed. We are informing you of this issue out of an abundance of caution.
Please know that we have no evidence that this data included your password. And while we have no evidence that your specific account was accessed or that any data has been made publicly available, we wanted to notify you as a precautionary measure.
If you have questions, we encourage you to contact us through our Support Center.
The Lynda.com team
Update at 8:22 p.m. Pacific: Added detail about the passwords.
You can't solo security COVID-19 game security report: Learn the latest attack trends in gaming. Access here