Graham Cluley May 18, 2016
http://www.tripwire.com/state-of-security/wp-content/uploads/cache//linkedin-800/32362223.jpg
The LinkedIn hack of 2012 just got a whole lot worse.
If you recall, in 2012 LinkedIn reset users’ passwords after hackers broke into the network, stole a database of password hashes, and posted some 6.5 million account credentials on a Russian password forum. LinkedIn was left humiliated by the security breach, which revealed that they had not used a salt while creating the checksums it stored of users’ passwords- making it trivial for fraudsters to crack them.
Now, almost four years later, a hacker going by the name of “Peace” is offering for sale the database of 167 million accounts, including the emails, hashed and (in many cases) already cracked passwords of 117 million users.
As Motherboard reports, security researcher Troy Hunt has confirmed that at least some of the email addresses and passwords offered for sale are the same as those used by LinkedIn users at the time of the hack.
Full Article
117 million LinkedIn email addresses and passwords put up for sale
Userlevel 7
+54
Userlevel 7
Not a good thing for sure............but these users can change their password and they can get another email address which would lessen the breach and downplay the sale by these criminals.
Userlevel 7
Indeed, a very bad thing given (i) the numbers involved, & (ii) the likely sensitive information that they may have gotten hold of. I am a LinkedIn member so will have to see what the implications are but to be honest I don't think that I have anything sensitive held on the site...and anyway hopefully passwords have since been changed.
Userlevel 7
+3
"A seemingly benign group of hackers is taking over the social media accounts of big personalities in the wake of the leak of hundreds of millions of LinkedIn passwords.
The group, which calls itself OurMine Team, claims to have recently hacked the accounts of, Twitter co-founder Biz Stone, Minecraft creator Markus “Notch” Persson, actor Sawyer Hartman, and pop star David Choi, among others."
https://motherboard.vice.com/read/after-linkedin-passwords-leak-hackers-hijack-big-name-accounts
Userlevel 2
For the actual information we have entered into Linkedin, well I guess it's public info anyway ........ but the fact that the email address and passwords were cracked is ( or at least should be ) a worry for those who use the same email address / password on other web based accounts. Identity theft is a very real risk.
As so often stated, get those passwords changed regularly and use different passwords for different sites. These 'social media' type accounts are high risk ones for ID theft so credentials for them should be taken very seriously indeed.
Regards Peter.
As so often stated, get those passwords changed regularly and use different passwords for different sites. These 'social media' type accounts are high risk ones for ID theft so credentials for them should be taken very seriously indeed.
Regards Peter.
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.