Lawmakers concerned by report that LinkedIn passwords were stolen

Lawmakers expressed concern on Wednesday about reports that hackers had stolen millions of passwords to social-networking site LinkedIn.

LinkedIn acknowledged on Wednesday that hackers stole the passwords of some of its users. The company said it will disable the passwords of the affected users and instruct them to create new passwords.

Sen. Patrick LeahyPatrick LeahySenate committee ignores Trump, House budgets in favor of 2017 funding levels Live coverage: Trump's FBI nominee questioned by senators AT&T, senators spar over customers' right to sue MORE (D-Vt.) and Rep. Mary Bono Mack (R-Calif.) said the incident shows the need for Congress to pass data-security legislation. The two lawmakers have sponsored separate bills on the issue.

ADVERTISEMENT
"Reports of another major data breach should give pause to American consumers who, now more than ever, share sensitive personal information in their online transactions and networking," Leahy said in a statement provided to The Hill. "Congress should make comprehensive data privacy and cybercrime legislation a top priority.”

Bono Mack said she is "still trying to get additional information," but the incident "once again brings into sharp focus the urgent need for Congress to pass data protection legislation."

"Nothing threatens e-commerce more than a lack of consumer confidence, and today a lot of people are becoming very antsy about providing their personal information online,” she said in a statement.

Both bills would create a national requirement for firms to notify their customers in the event of a data breach.

The Senate is currently considering a broader cybersecurity bill, and it is possible that lawmakers could add the data breach provisions to it.

The LinkedIn news broke after two security firms told The Wall Street Journal they were able to verify that hackers had obtained the passwords to 6.5 million LinkedIn accounts, or about 4 percent of the site's users.

LinkedIn said it has implemented new security measures to protect its users' personal information.

"We sincerely apologize for the inconvenience this has caused our members," Vicente Silveira, an engineering director for LinkedIn, wrote in a blog post. "We take the security of our members very seriously."

Silveira said the company is continuing to investigate how the breach occurred.

— This story was updated at 5:25 p.m. with confirmation from LinkedIn of the security breach.