LinkedIn Breach Reportedly Results In Millions Of Passwords Leaked Online

UPDATE: LinkedIn has confirmed on its blog that “some of the passwords that were compromised correspond to LinkedIn accounts,” and outlines how affected members will be notified.

On the LinkedIn blog in a post titled, “An Update on LinkedIn Member Passwords Compromised”:

1. Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
2. These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in these emails. For security reasons, you should never change your password on any website by following a link in an email.
3. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.

——————————————————–

If you have a LinkedIn account, it might be wise to change your password right about now. According to reports, a user in a Russian forum says he’s hacked and subsequently leaked online about 6.5 million LinkedIn passwords. The claim hasn’t been confirmed yet, but LinkedIn says it’s looking into the situation.

As CNET notes, LinkedIn’s Twitter says: “Our team is currently looking into reports of stolen passwords. Stay tuned for more.”

Meanwhile, other Twitter users are already reporting that they’ve found their hashed passwords on the list, says one security expert.

The simpler your password, the more it could be at risk, as those take less time to decrypt. As a precaution, now would be a good time to change that password. It’s a good idea to use both upper and lowercase letters, numbers and punctuation.

Here’s how:

1. Go to linkedin.com.
2. Click on your name in the top right corner and select Settings.
3. Click Change next to Password.
4. Enter your current password and create a new one.

This latest turn of events comes after recent news that LinkedIn’s iOS app is collecting info from calendar entries, including passwords, and sending it back to the company’s servers without notifying users.

Millions of LinkedIn passwords reportedly leaked online [CNET]

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.