LinkedIn confirms, apologises for stolen password breach
Reports circulated on Wednesday that millions of LinkedIn passwords were subject to a security breach. A Russian hacker said he stole 6,458,020 encrypted passwords and posted them online (without usernames) to prove his feat
The breach comes on the heels of news that LinkedIn’s iOS app potentially violates user privacy by sending detailed calendar entries to its servers.
“We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts,” LinkedIn said in a blog post on its site. “We are continuing to investigate this situation.”
In the meantime, the company is taking a few steps for the accounts that were compromised.
For example, users accounts associated with compromised passwords will no longer be able to log in.
“These members will also receive an email from LinkedIn with instructions on how to reset their passwords,” LinkedIn said. “There will not be any links in these emails. For security reasons, you should never change your password on any website by following a link in an email.”
Members with passwords that have been compromised will receive another email from LinkedIn’s customer support team with more information about the situation and why they should change their password.
“It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases,” LinkedIn added.
Earlier today, the company posted a blog that included best practices on how to create a strong password.
For more on this story go to:
mashable.com/2012/06/06/linkedin-passwords-hacked-confirmation/