LinkedIn is investigating how its password database was been compromised with more than 6 million users’ details posted online. The business social network is examining claims that encrypted passwords have been published on a Russian hackers’ website. LinkedIn has confirmed that passwords have been compromised, and “apologised for the inconvenience this has caused our members”. The issue came to the notice when a Russian hacker forum posted a 118MB file containing 6,458,020 hashed passwords from the social network site.
According to PCWorld, Vicente Silveira, Director at LinkedIn, outlined steps that LinkedIn is taking to deal with the situation. He said that those with compromised passwords will notice that their LinkedIn account password is no longer valid and that owners of compromised accounts will receive an email from LinkedIn with instructions on how to reset their passwords and receive a second email from LinkedIn customer support that explains the situation at greater length.
If hackers accessed Premium users’ account, the hackers could gain access to credit card details used to pay for subscriber access to the site. A cyberthreat expert advised users to immediately change their login details and that while users’ emails addresses had not been published he added: “It is reasonable to assume that such information may be in the hands of the criminals. … Of course, make sure that the password you use is unique and not used on any other websites) and is hard to crack.”
Unfortunately, many online users use the same or similar passwords across their online world. Users must be sure to change any other passwords that “match” as well as the hackers will likely scan other online accounts such as XBOX, PS3, Steam, email accounts, movie rental sites, and forums, if only to spam forums with an established account in your name.
What To Do Now?
You can change your LinkedIn password by following this link and clicking the “change” link next to “Password” just below your profile photo. LinkedIn has instituted new password methods of storing passwords that is more secure. However, it does not matter how long or difficult to guess your password is, unless you change, your password it is still at risk as it will not be stored by the new security methods.
What are the implications for online users?
LinkedIn has become one of the more used social network site for business users, and has been largely used by businesses and executives for recruiting, hiring and making interactions with people in the same field. Since the business community as a whole is more attuned to image and commercial profiles and are more aware when it comes to passwords in the workplace. While the attack may open the door for competition, there are few alternatives at present, however, users may be more cautious about using the services and revealing too much detail.
