Industry response: LinkedIn hack
May 2016 by Stephen Love, Security Practice Lead – EMEA , Insight UK
In regards to the news that that a list of user IDs and passwords from LinkedIn, allegedly sourced from cyber-attack in 2012, put on sale for around £1,500, please see a comment from Stephen Love, Security Practise Lead – EMEA, Insight.
“Personal data is an asset that doesn’t decrease in value. If an organisation or business which stores sensitive details about its customers is attacked and this data is stolen, even years after the incident, the data will still find value on the dark web. The latest news regarding millions of LinkedIn users IDs and passwords being advertised for sale – after an attack four years ago – highlights the longevity of personal data worth.
Because of this, every organisation that stores any form of customer data needs to be prepared for the inevitability that they will be attacked by malicious hacks. However, there are tools and practices that can be implemented to not only reduce the likelihood of these attacks from successfully infiltrating establishments, but to also reduce the fall out of an attack – the most effective method being data encryption. Every organisation should be able to admit; “Yes, our network was hacked and data was stolen. However, your personal data is secure. It has made no difference to the institution - reputational or financial - as we have protected ourselves so that the data, if it fell into the wrong hands, is useless.”