By now you’ve probably heard that hackers compromised more than 6 million LinkedIn user passwords on Wednesday. The social site confirmed the news after a file containing 6.5 million encrypted files showed up on a Russian hackers’ web forum. Several Internet security experts have confirmed that the breach is genuine and the passwords are now likely in the hands of criminals. Although LinkedIn user data contains far less personal information than say Facebook, the leak is potentially dangerous for people who use the passwords with other accounts, social and financial.
But let’s back up a minute. On June 1st LinkedIn posted to its blog that it would be updating LinkedIn’s Privacy Policy and User Agreement in one week (June 7th). This decision was based on other concerns that user data from LinkedIn’s opt-in calendar mobile app (such as personal meeting notes) were being saved to LinkedIn’s server. These changes obviously failed.
Come back to June 6th, and LinkedIn has still not issued a formal apology (a few lines tagged to the end of a blog post) or stated how the passwords could be hacked.
The site also seems to be relying on third party sources and the media to get the word out. For example, users who logged in to LinkedIn this morning may have noticed that LinkedIn was the target of their own daily news feature:
And while Mashable has already posted an article on how to tell if your password was hacked, and major media outlets like CNN and ABC are delivering up-to-the-minute updates, LinkedIn has been relatively silent beyond the blog.
I was not one of the people affected but I do find it strange that LinkedIn seems to be almost waiting for a full-blown PR crisis to happen (anyone remember Susan G. Komen?) There are some very easy ways for companies to manage their online reputation before it gets to this point. Melissa Finnigan has a great piece on implementing a customer retention policy at your business to avoid these situations.
And a new study by Oracle finds that online users value having a number of pathways to customer service support, including through social media, click to call services and instant messaging, and they want quick responses. Why neglect these resources during a crisis?
I learned about this password debacle through a co-worker, who read about it in a blog. Not exactly “hearing it from the source”. Customers today have high expectations when it comes to customer relations. They now expect an email in their inbox the minute the problem is discovered, or immediate answers through social networking sites. That shows the company values the customer and is taking action. It has suddenly grown awfully quiet at LinkedIn…