Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Online Learning Platform Lynda.Com Has Been Hacked!

 


 

The Lynda.com is one of the best online learning platforms, which is offering more than 4000 courses. This platform was founded “Lynda Weinman” and “Bruce Heavin” in 1995. In April 2015, LinkedIn had purchased this platform for $1.5 Billion. Further, the LinkedIn has been purchased by Microsoft for $26.2 Billion. This Sunday, the support team of Lynda.com started informed its customers through an email that their database has been accessed by unauthorized cyber crooks. The targeted database contains user information, course syllabus, learning data and contact information of users. Around 9.5 Million user accounts are at risk.

 

The Whole Incident

The security team of Lynda.com recently noticed that an unauthorized third party was accessing user accounts. The attackers were accessing learning data, course videos and contact information of users. The response team of Lynda.com is still finding the exact reason for this unauthorized third party involvement. According to the email of Lynda.com support team, the company doesn't know whether the user passwords are present in the targeted database or not. For the security reasons, the company has changed the passwords of 55000 user accounts. The company has informed the law enforcement authorities as well. An official report has been published by the company, in which they confirmed the incident. The company also said that we have not any evidence at the moment which confirms that the data is publically available.

 

Have a look at the email: 


 

The Reason?

The exact reason behind this hack is still unclear. It seems like, attackers have the login credentials of that accounts, which were the part of 2012 LinkedIn data breach. Maybe attackers are accessing the accounts of those users which are still using the same password.  In 2012 LinkedIn data breach, the details of more than 117 Million user accounts were stolen by the hackers. A Russian suspect has also been arrested by the Czech police from Prague with the help of FBI in October who was involved in great 2012 LinkedIn data breach.

 

Moreover, the CERT –Bund (Computer Emergency Response Team of Germany) recently noticed that cyber crooks were targeting corporate world by sending malicious emails to the victims of 2012 LinkedIn data breach. It means hackers are still using the leaked data. The Heimdal Security also reported a Linkedin Phishing email scam in November. After the LinkedIn Data breach, many other major data breaches happened. Dropbox, Tumblr and MySpace data breaches were also the biggest ones.

 

Conclusion

The companies should take security in a serious way because a successful data breach can give birth to many other data breaches. The reason is, about 50 percent people are using same usernames and passwords for their multiple online accounts. The users should also understand that their habit of “repeating password” may put them at risk.

 

Similar Articles:

Beware LinkedIn Users, Scammers Are Sending Emails to Steal Your Photo ID!

IIT Bombay and IIT Kharagpur Hacked By An Indian Hacker Cryptolulz666

Out of 45000 Total WordPress Plugins, 8800 Are Vulnerable

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.