LinkedIn accounts hacked, 6.5 million passwords out in wild
|Recent hack on LinkedIn has exposed 6.5M user accounts|
LinkedIn on wednesday confirmed that some of the passwords of the accounts were compromised in a major security breach.
Director at LinkedIn, confirmed the hack on the company’s blog on wednesday afternoon and outlined steps that LinkedIn is taking to deal with the situation. He wrote that those with compromised passwords will notice that their LinkedIn account password is no longer valid.
Silveria added that the owners of compramised accounts will receive an email from LinkedIn with instructions on how to reset their passwords. These owners then will get a second email from LinkedIn customer support that explains the situation at greater length.
The account hacking came to light when recently a file containing 6.5 million unique hashed passwords appeared in an online forum based in Russia. More than 200,000 of these passwords have reportedly been cracked so far.
The file contains passwords hashed using the SHA-1 algorithm and does not include user names or any other data. However, the breach is so serious that the security professionals advice people to change their LinkedIn passwords immediately. It is also advised to change the passwords for the accounts having the same passwords.
What is more puzzling is that, the hashed passwords were not salted. A method used while hashing, to render off market Hash crackers. During hashing a set of custom values is added without which the crackers cannot convert the hash’s to original values, But the LinkedIn passwords leaked does not seem to have salted hash’s making it more easy for the crackers to crack the passwords using the tools available off market.
Regarding the issue, LinkedIn’s Silveria wrote: “It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases.”
Tell us in the comments whether your LinkedIn password has been exposed !!
Latest posts by indiandragon (see all)
- Swiftkey vs Swiftkey Tablet review - May 25, 2013
- Google + Hangout app review, messaging kills online chat ! - May 21, 2013
- Best cyanogenmod supported phone under Rs10,000 or $180 - May 15, 2013