Lynda.com – the online resource to learn almost any skill you could ask for, has suffered a data breach that affects more than 50 thousand of its users.
Thankfully, Lynda.com – unlike Yahoo – isn’t the one to hide their failures under the rug; the company has started notifying all affected users via email. The 50,000 or so accounts that are directly affected have also had their password reset – users will need to enter a new password at login.
There’s more – about 9.5 million of it
The breach involves a 3rd party gaining access to one of Lynda.com’s database; while the database had only about 50,000 accounts with password information – the ones who now have their password reset – the database also had about 9.5 million other accounts without password information.
The 9.5 million accounts without password information have had their learning data, contact details, and the list of courses viewed compromised.
Of course, this information isn’t critical – it’s not going to let anyone gain access to your account – but it still is a privacy breach nonetheless.
Lynda.com isn’t sure
While Lynda can tell that a 3rd party has accessed the database – they can’t tell if it has been made publicly available or even decrypted for that matter.
Resetting the compromised accounts and notifying the affected users is merely a precautionary measure – in case the database is, in fact, breached.
Of course, when or if this database does show up on the dark web, it might have some not-good consequences, so being prepared for it – like Lynda.com – is a good measure.
If you care about your learning data, contact information, and the list of viewed courses – that sail has shipped, as the concerning data was in the database.
While Lynda.com has reset the password for the accounts with password information in this database, the users of these accounts mustn’t forget to change their password on other websites that used the same password.
LinkedIn purchased Lynda.com for about $1.6 billion last year, while Microsoft purchased LinkedIn for about $26 billion. Microsoft technically owns this mess now – hopefully, the company will apply better security standards in the future.