LinkedIn Hacked – Millions of LinkedIn Passwords Compromised
June 7, 2012
Recently, LinkedIn confirmed a data breach that resulted in millions of users’ passwords being compromised. It is said that over 6 million passwords were stolen and uploaded to a Russian based web forum.
Vicente Silvira of LinkedIn had this to say, “we can confirm that some of the passwords that were compromised correspond to LinkedIn accounts.” He then went on to explain how LinkedIn is enhancing cyber security and outlined the next steps for compromised accounts.
The next steps for compromised accounts includes:
- Anyone with a compromised LinkedIn account will notice that their passwords are no longer valid.
- All members with compromised accounts will receive an email with detailed instructions on how to update passwords.
- These same users will receive a second email providing more information on the situation and why they are being asked to update their passwords.
Increasing security against hackers
Some cyber security professionals believe that hackers had been inside the network for several days based on the type and quantity of information posted on the forums. They even went as far as to say that the attackers may still have access to system. LinkedIn declined to comment on whether the attack may still be in progress.
The social networking site is beefing up security by hashing and salting password databases. Hashing involves converting a password to a unique set of numbers and letters. The problem is, if you figure out how the passwords are hashed, you can quickly figure out other passwords. Salting means that a “secret code” is added to each password before it is encrypted. This keeps hackers from being able to figure out a formula that was used to encrypt all passwords.
How to Change Your LinkedIn Password
If you would like to change your LinkedIn password, follow these steps:
- Click on your name in the upper right hand corner
- Select settings
- Select “change” next to “password” just below your profile picture
We recommend changing your password for any site that used the same password as LinkedIn. A good way to protect yourself online is to have a different password for each site that you frequent. If this is too much work for you, consider having a unique and complex password for the sites you frequent that may contain sensitive data (banking, credit cards, loans, etc.).
This breach is just the latest in a string of hacks that have affected companies and governments around the world. Information security and combating hackers is more important today than it ever was in the past. Phoenix TS is proud to say that we train ethical hackers and offer a wide variety of cyber security courses. If you are interested in learning how to protect your organization from similar attacks, then contact us today!