LinkedIn Corp., owner of the world’s biggest professional-networking website, may be investigated by the Irish Data Protection Commissioner’s Office after some user passwords were compromised in a security breach.
Gary Davis, the country’s deputy data-protection commissioner, said the incident falls within the area that can be investigated under the agency’s code of practice on data breaches.
“We are in ongoing contact with LinkedIn in relation to the matter,” Davis said in an e-mail. “I am not in a position to indicate how we will be progressing.”
Irish privacy regulators can levy fines on electronic-communication providers and networks for data breaches, Davis said. Ireland polices LinkedIn’s data security because its base for operations outside the U.S. is in Dublin. The company, based in Mountain View, California, apologized to customers in a blog post yesterday and said that its more than 160 million users will know if their accounts were affected because their passwords will no longer be valid.
LinkedIn “has been working closely with the Irish Data Protection Commissioner’s Office to keep them abreast of the situation,” said Darain Faraz, a spokesman for the company in London.
“We’re taking immediate action to protect our members,” Faraz said in an e-mail.
Passwords have been changed for members with accounts linked to the data breach and they will receive an e-mail with instructions on how to reset the passwords, he said.
The company cites security issues as a risk for investors in regulatory filings and disclosed as recently as last month that it experienced website disruptions and outages for reasons including “denial of service or fraud or security attacks.”