REFILE-UPDATE 1-LinkedIn breach puts site's reputation on the line - Reuters
* Experts say breach may be more serious than disclosed
* Dearth of information leaves some customers unhappy
* LinkedIn trades at lofty premium to most tech stocks
By Jim Finkle and Jennifer Saba
June 8 (Reuters) - LinkedIn Corp's silence on the extent of a security breach that exposed millions of user passwords has damaged its reputation among some business professionals, and may slow the growing company's rise if the breach turns out to be more serious than disclosed.
Several days after news of the theft of the passwords emerged, the site with more than 160 million members still says it has yet to determine the full extent of the breach.
Some cyber security experts say LinkedIn did not have adequate protections in place, and warn that the company could uncover further data-losses over coming days as it tries to figure out what happened.
LinkedIn has hired outside forensics experts to assist as company engineers and the FBI seek to determine how more than 6 million customer passwords turned up on underground sites frequented by criminal hackers.
Company spokesman Hani Durzy said LinkedIn has invalidated the stolen passwords, even though it does not know if any other account information was stolen besides passwords.
The dearth of information has left some security professionals and customers worried that LinkedIn's computer systems may have suffered a more serious breach.
"There is going to be more to come," said Jeffrey Carr, chief executive of security firm Taia Global. "As long as they don't know what happened here, there is a good chance that it is more widespread than originally thought."
Customers whose passwords were among those stolen were still getting notified by LinkedIn as of Friday afternoon, days after news of the breach first surfaced.
Laura DiDio, a technology analyst with a consulting firm known as ITIC, said that was not fast enough.
"I am angry," she said. "As soon as there was an inkling that there was a breach, they should have been all over this. I want to know what they are doing to correct this situation."
SCRUTINIZING PRACTICES
Some security experts say the company's data security practices were not as sophisticated as one would typically expect from a major Internet company.
For example, they noted that LinkedIn does not have a chief information officer or chief information security officer.
Those are positions that typically supervise technology operations and computer security at large corporations.
Company spokeswoman Erin O'Hara said the company did not have managers with those titles, but that its senior vice president for operations, David Henke, oversees LinkedIn's security team.
Several experts said the company fell down in the way it encrypted, or scrambled, the passwords that were stored in the database.
Carr of Taia Global said LinkedIn did not follow an industry standard for encryption, which requires use of a technique known as "salting" that greatly increases the amount of time and computer power needed to crack an encrypted password.
There could be legal repercussions for that failure to comply with industry standards, said Gerald Ferguson, an attorney at Baker Hostetler who is an expert on privacy and intellectual property law.
He said that LinkedIn could face lawsuits if accounts had been breached since its terms of use say it employs the industry standard for security.
"If they can demonstrate that information hadn't been comprised, that would certainly give them a defense," Ferguson said.
Company representatives declined to respond to the criticism of their techniques for protecting passwords or any potential legal implications.
Their user statement spells out the steps it will take to protect customer data and the risks customers face.
"Personal information you provide will be secured in accordance with industry standards and technology," according to the privacy policy on linkedin.com.
"Since the Internet is not a 100 percent secure environment, we cannot ensure or warrant the security of any information you transmit to LinkedIn," it cautions. "There is no guarantee that information may not be accessed, copied, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards."
NATURAL TARGET
LinkedIn is a natural target for data thieves because the site stores valuable information about millions of professionals, including well-known business leaders.
"This is the serious social networking site. This isn't the one I g o t o to see pictures of my friend's new dog," said Mary Hildebrand, chair of the privacy practice area at the law firm Lowenstein Sandler.
The way that the company responds to the theft will play a critical role in determining the extent to which the incident damages LinkedIn's reputation, experts said.
"LinkedIn has always claimed part of their strategy is making a better user experience," said Jim Janesky, director of research at Avondale Partners.
"If this were to comprise that in LinkedIn's users minds, it could slow down the growth of new users or limit individuals as repeat users."
Hemanshu Nigam, chief executive of security consulting firm SSP Blue, said he advised all LinkedIn members to immediately change their passwords after he heard news of the breach.
"I don't know how many emails I got from customers saying 'Thank you for telling me to change my password. I'm kind of freaked out now,'" he said.
"Companies like this survive because of their reputation," added Nigam, who previously worked as a security executive at Microsoft Corp and News Corp. "People need to make a decision: 'Can I trust them with my data or not?'"
LinkedIn shares rose 2.6 percent to $96.26 on Friday. While the breach has not appeared to hurt the stock to date, investors are likely closely watching the matter because the stock carries one of the loftiest valuations in the technology sector.
LinkedIn made a monster public debut in May 2011 and is still trading at more than double its IPO price of $45.
The shares are trading at nearly 80 times projected 2013 earnings. Google trades for about 12 times next year's earnings forecast.
Rob D'Ovidio, associate professor of criminal justice at Drexel University, said it is fair to criticize LinkedIn for the loss.
"There is a social responsibility that they have in today's day and age to use the best available security measures," he said. "I am of the personal belief to hold companies liable for these types of breaches."
Sweden V England : UEFA Euro 2012 Match Report - Football
Published: 15 Jun 2012 - 22:16:26
Welbeck and Walcott rescue England as Sweden out
England remained on course for a place in the knockout rounds after coming from behind to send Sweden crashing out of the tournament with a 3-2 victory in Kiev.
Manchester United striker Danny Welbeck scored a well-taken winner for England in the 78th minute after the introduction of substitute Theo Walcott swung a see-saw Group D battle back in his side's favour.
England had got off to a dream start when recalled striker Andy Carroll headed them into a 23rd-minute lead.
But an own goal from Glen Johnson on 49 minutes followed by a header from Olof Mellberg in the 59th minute threatened to set up a disastrous night for Roy Hodgson's side.
However, the substitution of James Milner for Walcott changed the game. The Arsenal winger lashed in a 64th-minute equaliser to make it 2-2 and then provided the run and pass which set up Welbeck's winner.
England's first ever competitive victory over the Swedes means they will qualify for the quarter-finals with only a point in their final group game against co-hosts Ukraine in Donetsk next Tuesday.
Hodgson's side had started positively, Scott Parker forcing a fine save out of Andreas Isaksson after only seven minutes with a fine swerving effort from 20 yards that the Swedish keeper parried to safety.
Sweden meanwhile had to wait until 20 minutes before threatening the England goal, captain Zlatan Ibrahimovic letting fly with a long range shot that was blocked comfortably by Joe Hart.
After successive crosses from Ashley Young and Milner failed to meet their targets, captain Steven Gerrard had clearly seen enough on 23 minutes.
Seizing possession in midfield the England skipper looked up to curl in a pinpoint long-range diagonal ball which the twisting Carroll met with a thunderous header that gave Isaksson no chance.
England's positive first half display came unstuck, however, within five minutes of the restart as a rejuvenated Sweden dominated play.
The equaliser came after an Ibrahimovic free-kick bounced back off the wall and was played back to an unmarked Mellberg being played onside by Johnson.
The centre-half's shot beat Hart and Johnson was unable to scramble out of his own net. Mellberg claimed it, but the equaliser was ruled an own-goal by Johnson.
England were rocking and it got worse for Hodgson's men on 59 minutes as Sweden went 2-1 up. Sebastian Larsson swung in a curling free-kick and shambolic defending allowed Mellberg to nod home Sweden's second.
Milner, who had capped a poor evening by conceding the free-kick which led to Sweden's second, was then promptly hauled off for Walcott.
The Arsenal winger made an immediate impact and within minutes England were level, Walcott's shot from just outside the area catching Isaksson off-balance to make it 2-2.
Sweden continued to cause England problems on the break and Ibrahimovic forced Hart to dive at full-stretch to turn around a 76th-minute effort.
But two minutes later Walcott rescued England again, darting into the box with an electrifying burst to cross for Welbeck, who flicked in a deft finish with the back of his heel to make it 3-2.
Related Sweden News
UPDATE 4-Ex-business titan Gupta guilty of insider trading - Reuters UK
[getrss.in: unable to retrieve full-text content]
NEW YORK, June 15 (Reuters) - Rajat Gupta, a consummate business insider who once sat on the board of Goldman Sachs Group Inc, was convicted on Friday of leaking secrets about the investment bank at the height of the financial crisis, a major ...Tickets fly as benefactor makes Derry concert free - BBC News
All tickets for the Peace One Day concert in Ebrington Square in Londonderry have been snapped up.
The tickets were offered free on Friday after benefactor Michael Hamyln offered to pay for them.
People who had already paid for tickets will get their money back.
The film producer said he is delighted to have made the gesture.
The concert on 21 June marks the start of the London 2012 Festival.
It will be the first major event to be staged at the arts quarter, which was formerly a military barracks.
The line-up includes Pixie Lott, Dublin singer Imelda May, indie-rockers Guillamots, Derry's Wondervillains and Newton Faulkner.
Founder of Peace One Day Jeremy Gilley said: "It's incredible that someone has come forward to make the concert free.
"I'm delighted. This opens the doors to everyone. It'll be a wonderful show in a wonderful city."
The free tickets were made available at 10:00 BST on Friday morning and ran out in less than two hours.
The director of the London 2012 Festival, Ruth Mackenzie, said the concert will "highlight the key theme of how sport and culture can resolve conflict.
"We are really grateful that thousands of lucky people will now be able to join in the celebration for free."
The event also marks the three-month countdown to Global Truce, a campaign that promotes peace.
The culmination of the Global Truce campaign will be another Peace Once Day concert in London on 21 September, the day of Global Truce and World Peace Day.
Rory & Donald set to miss cut as McDowell flies flag - ESPN.co.uk
Defending champion Rory McIlroy missed the cut at the US Open after a lapse in concentration saw him miss a two-footer on the final hole of his second round.
McIlroy, looking to bounce back after a difficult opening round on Thursday, reached the par-three 8th, his final hole of Friday's round, at nine-over for the tournament - but a moment of absent-mindedness saw him make a hash of his tap-in for par.
That mistake confirmed he would miss the cut at Olympic Club - joining playing partner Luke Donald on the sidelines over the weekend.
Donald, the world No. 1, had all-but ended his tournament chances with a 79 to begin proceedings and, while a follow-up 72 was respectable, his 11-over total for 36 holes will see him miss the weekend's action in San Francisco.
The cut is expected to be around eight-over but could well slip to nine-over - although that will not be a problem for the third member of McIlroy's group, Lee Westwood, who will have a chance to move up the leaderboard in the second half of the tournament after finishing five-over.
European hopes are currently riding with 2010 US Open champion Graeme McDowell, who endured a difficult finish to his round but nevertheless sits among the clubhouse leaders at one-over.
One-under when beginning his round on the ninth on Friday, the Northern Irishman reached two-under for the tournament at one point but Olympic's formidably difficult front nine eventually punished him - as four bogeys and a solitary birdie left him just over par overall.
The only man ahead of him in the clubhouse, however, was playing partner and fellow former champion of this event Jim Furyk - the 2003 winner flying under the radar to card a second round of 69 after an opening 70 and become the first man (so far) to be under par after 36 holes.
Nevertheless, the marquee group of the morning involved the three top-ranked Europeans - but none of them lived up to their billing as Westwood was the only one who just about kept himself in tournament contention.
Donald was far more precise than in his damaging opening round, but nevertheless could not get in position to threaten the cut-line - with a failure to birdie the short par-four seventh (his 17th) ultimately sealing his fate.
McIlroy gave himself a chance at eagle at the same hole which would have almost certainly sealed his participation over the weekend, but was forced to settle for a birdie that left him likely needing to pick up another shot at his last, the par-three eighth.
An iron shot to 15-feet set up that opportunity, but McIlroy was not able to make the putt as it slid narrowly to the right. It was then that disaster - or, more accurately, human fallibility - struck, as the defending champion rushed his par attempt and saw it lip out.
Forced to settle for 10-over, his fate was confirmed - and the Northern Irishman did not bother to hang around for the rest of the field to finish.
Elsewhere, big-hitting Belgian Nicolas Colsaerts and 23-year-old American John Peterson are also both well placed at one-over for the tournament, after second rounds of 69 and 70 respectively.
Pre-tournament hot tips Hunter Mahan, Jason Dufner and Matt Kuchar are well-placed alongside Aaron Watkins at three-over.
Sergio Garcia, Ernie Els, Charlie Wi, Martin Kaymer and Nick Watney - he of the Thursday albatross - are all four-over, while Ian Poulter and John Senden are level with Westwood in the clubhouse at five-over.
Steve Stricker is also four-over for the tournament after the round of the day so far, a two-under par 68 that included an eagle at the 17th after he holed out from the fairway.
Players waiting to see if they will make the cut at nine-over include Casey Martin, Bill Haas and former champion Lucas Glover.
0 Responses to "REFILE-UPDATE 1-LinkedIn breach puts site's reputation on the line - Reuters"
Post a Comment