Justin du Coeur (jducoeur) wrote,
Justin du Coeur
jducoeur

LinkedIn Passwords apparently stolen

I just sent this around at work, but it could probably use a signal-boost here as well:

http://arstechnica.com/security/2012/06/8-million-leaked-passwords-connected-to-linkedin/

Summary: it appears that LinkedIn got hacked, and ~8 million passwords were stolen. (This is not confirmed, but seems to be the consensus in the security community.)

Now before anybody panics, that’s far from all of them: it’s a small subset of LinkedIn’s DB. And they were stolen in hashed form: LinkedIn wasn’t so incompetent as to store them in plaintext.

That said, their security was apparently weak, and the hashes are relatively weak and crackable: determined hackers are blowing through the easy ones quickly, and are making their way through the rest. And the 8 million that were posted may just be a subset of what was stolen.

So: if you have a LinkedIn account, change your password *now*. If you use the same password for other sites, it would be adviseable to change it there as well, since it isn't hard to go from a LinkedIn account and start making guesses about accounts elsewhere on the Internet.
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 2 comments