[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] LinkedIn Defends Security Practices, Leadership
From: InfoSec News <alerts () infosecnews ! org>
Date: 2012-06-14 11:56:33
Message-ID: alpine.DEB.2.02.1206140656230.27545 () infosecnews ! org
[Download RAW message or body]
http://www.informationweek.com/news/security/attacks/240002005
By Mathew J. Schwartz
InformationWeek
June 13, 2012
Did LinkedIn drop the ball on information security?
In the wake of a breach of LinkedIn users' passwords that first came to
light last week--after a subset of those passwords were uploaded to an
online password-cracking forum--security pundits have been asking how
much LinkedIn's business practices might have been at fault.
Multiple commentators have noted the absence of a chief security officer
(CSO) or chief information security officer (CISO) on the LinkedIn
organizational chart, with some inferring that the breach could thus be
traced to a "lax security" attitude at the social network, because "no
one was responsible for IT security," according to TechWireAsia.
But LinkedIn has defended its security posture and response to the
breach, noting that after the password theft came to light early last
week, by Thursday it had disabled the passwords on all accounts that
were known to have been compromised by attackers. "At this time, there
have been no reports of compromised LinkedIn accounts as a result of
this password theft," according to a Tuesday LinkedIn blog post, which
further noted that the company was "continuing to work with law
enforcement as they investigate this crime."
[...]
--
Certified Ethical Hacker, ISSMP, ISSAP, CISSP training
with Expanding Security gives the best training and support.
Get a free live class invite weekly. Best programs, best prices.
http://www.ExpandingSecurity.com/PainPill
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic