Though the email informed me that the networking site had “recently noticed a potential risk” to my account, it certainly didn’t outline the real risk the site’s users are now facing, with it having been reported that over 100 million users have had their accounts compromised and their personal information sold on the dark web marketplace.
Advertisement
The hacker has now surfaced online, looking to sell the information for $2,200 on the black market.
The passwords were initially stolen in 2012, according to LinkedIn.
Yesterday’s report on Motherboard said the publication had learned from a hacker using the name “Peace” that emails and passwords from 117 million LinkedIn users were among the 167 million accounts held in a hacked database posted for sale on The Real Deal, a dark Web marketplace.
“Additionally, we advised all members of LinkedIn to change their passwords as a matter of best practice”.
A 2012 LinkedIn data theft may have affected far more users than originally thought, the professional networking site said on Wednesday.
“We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords”, Scott wrote. Think of it this way: If a hacker sees from the LinkedIn hack that your email address ends in @gmail.com, he or she might try logging into your inbox with the same password from the LinkedIn breach.
A blog update posted later in the day said that LinkedIn was using automated tools to look for and block any suspicious activity on affected accounts. LinkedIn recommends that users change their passwords regularly even if users are not notified, the Los Angeles Times reported. LinkedIn claims to have more than 400 million users. “We are not responsible for any data leaks, we just find them for you and our scripts make them searchable”. “How many of those 117m are active and now under investigation”.
Quentyn Taylor, Director of Information Security at Canon for EMEA, pointed out on Twitter that if the passwords are four years old, then your password is also four years old and if shared across multiple sites, “you have issues”. If you did and your details are part of the 100 million member details released, this is less problematic for you.
LinkedIn users should change their passwords not only for the site’s account but also for other sites as well.
Advertisement
The LinkedIn members were told via email that the Mountain View, Calif. -based company had “recently noticed a potential risk to your LinkedIn account coming from outside LinkedIn” and had taken actions to protect their accounts.
