Reports circulated on Wednesday that millions of LinkedIn passwords were subject to a security breach. A Russian hacker said he stole 6,458,020 encrypted passwords and posted them online (without usernames) to prove his feat.
The breach comes on the heels of news that LinkedIn’s iOS app potentially violates user privacy by sending detailed calendar entries to its servers.
SEE ALSO: How to Change Your LinkedIn Password
“We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts,” LinkedIn said in a blog post on its site. “We are continuing to investigate this situation.”
In the meantime, the company is taking a few steps for the accounts that were compromised.
For example, users accounts associated with compromised passwords will no longer be able to log in.
“These members will also receive an email from LinkedIn with instructions on how to reset their passwords,” LinkedIn said. “There will not be any links in these emails. For security reasons, you should never change your password on any website by following a link in an email.”
Members with passwords that have been compromised will receive another email from LinkedIn’s customer support team with more information about the situation and why they should change their password.
“It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases,” LinkedIn added.
Earlier today, the company posted a blog that included best practices on how to create a strong password.
Source : Mashable Social Media
Members with passwords that have been compromised will receive another email from LinkedIn’s customer support team with more information about the situation and why they should change their password.
ReplyDelete