YIBADA

Hacked Linkedin IDs on sale leave millions in trouble; Users must change passwords immediately

| May 19, 2016 01:07 AM EDT

Jennifer Brett, Head of EMEA Insights for Marketing Solutions, LinkedIn attends the CMO's B2B Forum LinkedIn at Advertising Week Europe.

The LinkedIn breach that took place in 2012 was much more devastating and more damaging than previously believed. This quite evident from the fact that a hacker has now put millions of LinkedIn IDs up for sale.

A hacker is allegedly advertising the sale of around 117 LinkedIn user IDs and passwords. Only a fraction of these IDs was initially thought to be leaked in 2012. The credentials belonging to users on the professional networking site are being offered in around five bitcoins or $2,200 on the dark web, according to Motherboard.

"It is only coming to the surface now. People may not have taken it very seriously back then as it was not spread," a LeakedSource insider told the publication. "To my knowledge the database was kept within a small group of Russians."

The publication was further able to fetch the credentials for more than a million LinkedIn accounts, including email addressed and encrypted passwords. The LeakedSource team claims to have figured out more than 90 percent of the encrypted passwords in less than 72 hours.

Dark web constituted a network of websites where people can safely and anonymously buy, sell or browse products. In some way, it is also used to conduct illegal business. The famous case of the Silk Road, the online black market for selling illegal drugs, is one such example of what happens in the dark web.

In 2012, the hacker appeared to steal 6.5 million LinkedIn username and passwords. The leaked data were put online on a Russian crime forum. Apparently, the hacker stole more that what appeared obvious then.

At the time, LinkedIn never made clear how many users were actually affected by the breach. The company officials, however, said that they had reset the accounts of the professionals who were affected by it.

Recently, a hacker named "Peace" and a person behind a paid hacked data search engine LeakedSource confirmed that the hacked database contains more than 167 million accounts. Out of those accounts, more than 117 million have encrypted passwords and username.

Meanwhile, LinkedIn has confirmed on its official blog that the data shared by the hackers are legitimate. The company is taking "immediate steps" to reset the accounts of the users impacted by the breach and has suggested all its members to use two-factor authentication, in addition to strong passwords.

The following video examines tips for securing passwords:

Related News

Most Popular

EDITOR'S PICK