LinkedIn users are advised to change their passwords after a massive hack led to more than 117 million accounts being compromised by a hacker who is now selling the data through the Dark Web.
Business users, professionals and even students are at risk of having their LinkedIn data exposed to malicious parties should the sale for the passwords be made. They are now being advised to changed their login credentials as they could still be used to try and access their other accounts as well.
There are people who use the same password and even the same login username or email address across all their accounts. They could also use them in their online banking accounts which hackers can then compromise to siphon off money.
Why LinkedIn? The website was designed to help professionals and students to gather connections and find jobs, which could help them earn more money and so on.
Since users on LinkedIn would have jobs, it means that they would also have money. The hackers may have thought that it would be a better lucrative source compared to social media networks such as Facebook, Twitter and Instagram that are mostly full of social climbers and teenagers with no money.
The hacker who is named "Peace" told Motherboard that the data was stolen several years ago in 2012. Now, the hacker is selling the data through an illegal marketplace called The Real Deal in the dark web for 5 bitcoins.
LeakedSource, a paid hacked data search engine, claims that they also have the data. The hacker and the search engine confirmed that there are now 167 million accounts that were compromised.
Only about 117 million of all the accounts have the emails and their passwords in encrypted form. LinkedIn recommends that users change their passwords regularly even if users are not notified, the Los Angeles Times reported.
Cory Scott, the chief information security officer of LinkedIn, said that they are already working on the case. They also confirmed that it was not a new security breach.
LinkedIn users should change their passwords not only for the site's account but also for other sites as well. It would give the hackers a hard time to bypass security measures if a user uses different passwords instead of just one.