‘LeakedIn’: Was Your LinkedIn Password Hacked?
- Posted on June 6, 2012 at 5:35pm by
Liz Klimas
- Print »
- Email »
LONDON (The Blaze/AP) — Business social network LinkedIn said Wednesday that some of its users’ passwords have been stolen and leaked onto the Internet.
LinkedIn Corp. did not say how many of the more than six million passwords that were distributed online corresponded to LinkedIn accounts. In a blog post Wednesday, the company said it was continuing to investigate.
Graham Cluley, a consultant with U.K. Web security company Sophos, recommended that LinkedIn users change their passwords immediately. Those who were hacked should not be able to use their no compromised password anyway. CBS has more on how compromised accounts will be notified:
1. Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
2. These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in these emails. For security reasons, you should never change your password on any website by following a link in an email.
3. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.
LinkedIn has a lot of information on its more than 160 million members, including potentially confidential information related to jobs being sought. Companies, recruiting services and others have accounts alongside individuals who post resumes and other professional information.
A site called “LeakedIn.org” has been created to allow you to check if your password has been compromised. Although, it is usually not recommended to start entering your password into random searches, even if it’s to confirm a breach or not.
(Image: LeakedIn.org screenshot)
There’s added concern that many people use the same password on multiple websites, so whoever stole the data could use the information to access Gmail, Amazon, PayPal and other accounts, Cluley said. The Verge reports a Russian forum has claimed responsibility.
Before confirming the breach, LinkedIn issued security tips as a precautionary measure. The company said users should change passwords at least every few months and avoid using the same ones on multiple sites.
LinkedIn also had suggestions for making passwords stronger, including avoiding passwords that match words in a dictionary. One way is to think of a meaningful phrase or song and create a password using the first letter of each word.
Cluley said hackers are working together to break the encryption on the passwords.
“All that‘s been released so far is a list of passwords and we don’t know if the people who released that list also have the related email addresses,” he said. “But we have to assume they do. And with that combination, they can begin to commit crimes.”
LinkedIn’s blog post had few details about what happened. It said compromised passwords have been deactivated, and members with affected accounts will be sent emails with further instructions.
While the passwords appear to be encrypted, security researcher Marcus Carey warned that users should not take solace from such security measures.
“If a website has been breached, it doesn‘t matter what encryption they’re using because the attacker at that point controls a lot of the authentication,” said Carey, who works at security-risk assessment firm Rapid7. “It‘s ’game over’ once the site is compromised.”
Cluley warned that LinkedIn users should be careful about malicious email generated around the incident. The fear is that people, after hearing about the incident, would be tricked into clicking on links in those emails. Instead of getting to the real LinkedIn site to change a password, it would go to a scammer, who can then collect the information and use it for criminal activities.
LinkedIn said its emails will not include any links.
Shares of LinkedIn, which is based in Mountain View, California, gained 8 cents to close Wednesday at $93.08.
Comments (18)
Sign In To Post Comments! Sign In
Popular Stories
Does Misstated Marathon Claim Prove Paul Ryan Is Dishonest? (POLL) 703 Comments
Paper Details Obama Admin’s Alleged Secret Note Sent to Iran: If Israel Attacks, We Won’t Get Involved 542 Comments
‘Made Up Religion’: TV Historian Enrages Muslims, Receives Threats After Producing UK Documentary Questioning Islam’s Beginnings 360 Comments
Roseanne Barr: Most Billionaires ‘Violent Pedophiles’ & ‘Heartless’ Cocaine Addicts 357 Comments
This Is the Creationists‘ Response to Scientist Bill Nye’s Viral Pro-Evolution Video Claiming They Harm Children 356 Comments
Faith
- This Is the Creationists‘ Response to Scientist Bill Nye’s Viral Pro-Evolution Video Claiming They Harm Children 356 Comments
Pakistani Muslim Cleric Accused of Framing Disabled Christian Girl in Koran-Burning Case Read More- ‘Made Up Religion’: TV Historian Enrages Muslims, Receives Threats After Producing UK Documentary Questioning Islam’s Beginnings 360 Comments
Meet the Controversial German Imam Accused of Brutally Beating His Wife & Pushing Sharia Law Read More
‘Self-Proclaimed Messiah’ & Unification Church Leader the Rev. Sun Myung Moon Has Died — Here’s His Life Story Read More
Business
- President Obama Issues Major ‘Green Energy’ Executive Order 275 Comments
- Germany’s Upcoming Court Ruling Will be Huge for the EU Read More
Ford Looks to Beat Toyota for Best-Selling Car in 2012 With This Model 149 Comments
Bernanke & QE3: Here’s What You Need to Know Read More- ‘Extortion’: Why Did the Labor Department ‘Drop the Hammer’ on Oregon Farmers? 302 Comments
Technology
- This Is the Creationists‘ Response to Scientist Bill Nye’s Viral Pro-Evolution Video Claiming They Harm Children 356 Comments
‘TaserDrone’: Hackers Weaponize Quadcopter With Actual ‘Shocking’ Technology Read More
Ever Heard of the Wild ‘Burning Man’ Festival in the Middle of the Nev. Desert? Here’s Your Primer Read More
Stanford Develops Technology ‘Better Than Steroids’ for Athlete Recovery Read More
Have You Pretended to Know What ‘the Cloud’ Is? You’re Not Alone Read More
Submitting your tip... please wait!
lylejk
Posted on June 7, 2012 at 12:14amNo. Don’t Linked, Twitter, Facebook, Myface or any of these crazy social network stuff. A virus spreader waiting to happen imo. lol
:)
Report Post »NothingToLose
Posted on June 7, 2012 at 12:13amHave you checked LinkedIn PE ratio? 575!!! company that earns so little but traded near $100 is scary.
Report Post »Moe1138
Posted on June 6, 2012 at 9:39pmI don’t have a MySpace, Facebook or Twitter account and my LinkedIn account is blank. This is all by design. I wouldn‘t have a cell phone if my wife didn’t make me carry one.
Report Post »The further from electronics I am, the safer I feel.
oinia
Posted on June 6, 2012 at 8:26pm‘Internet security’ is as much an oxymoron as ‘objective journalism.’
Report Post »floridaborn
Posted on June 7, 2012 at 7:55amGood one!
Report Post »lukerw
Posted on June 6, 2012 at 7:40pmI received an email on it… on Monday! BSM-why?
Report Post »Darmok and Jalad at Tanagra
Posted on June 6, 2012 at 6:36pmIsn’t that the captial of Nebraska….Linkedin?
Report Post »de31372
Posted on June 6, 2012 at 6:36pmThe Internet seems far less secure than we all wish to believe it is. Unfortunately there isn’t a whole lot that can be done to seriously combat these types of activities without trampling on the freedoms enjoyed by Internet users. The last thing we need is for the Federal Goverment to come riding in on a white horse to save the day. I would rather take my chances with the cyber criminals.
Are you ready? http://www.bigrede.com
Report Post »The-Monk
Posted on June 6, 2012 at 6:21pmI get both the free LinkedIn and Stratfor e-zines on a fake Yahoo account. Stratfor e-mailed me about the hacking and LinkedIn has not as yet. Neither site contains any of my personal info or passwords.
It‘s getting so you can’t do anything online anymore. : (
Report Post »The-Monk
Posted on June 6, 2012 at 6:34pmAlso, SHA-1 is old, most sites are using SHA-2 now.
Report Post »THE_ADVERSARY
Posted on June 6, 2012 at 6:12pmMost of Becks followers probably dont know what linkedin is since they are too old to work and are living off my tax money.
Report Post »The-Monk
Posted on June 6, 2012 at 6:27pm@THE_ADVERSARY
WELCOME NEWBIE TROLL!!!!
Wow, did you just sign up today to post your trash and bash us? You are now marked as a troll. Go back to Media Matters, collect your paycheck and tell them you have failed. HaHaHaHaHa…..
Report Post »The-Monk
Posted on June 6, 2012 at 6:29pm@THE_ADVERSARY
Also….. my condolences on your loss last night to Gov Walker. See you in Nov where you will lose again. Big Smile : )
Report Post »Melvin Spittle
Posted on June 6, 2012 at 6:51pmYour comfortably smug and possible unconscious self deception is amazing. If it is conscious self deception, all the more so. A maggot in a pile of warm dung.
Report Post »The-Monk
Posted on June 6, 2012 at 7:02pm@THE_ADVERSARY
Are you enjoying your new account ANONYMOUSE???
I know who you are…… Big Smile. Come on, confess it, be proud of who you are.
Report Post »RightThinking1
Posted on June 6, 2012 at 5:59pmLuddite that I am, I do not have to worry about *any* of the ‘social media’. My friends just don’t understand how I get by…
Report Post »The answer is “Quite nicely, thank you.”
LinkedIn G
Posted on June 6, 2012 at 5:49pmJust because people are paranoid doesn‘t mean others aren’t out to get them. Lol
Report Post »RightPolitically
Posted on June 6, 2012 at 5:44pmI’m getting out of that stupid cyberjunk ASAP.
Report Post »