We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
 
74,953 News Articles

LinkedIn probing reports of massive breach

About 6.5 million hashed LinkeInd passwords said to be accessed and posted online

Professional social networking service LinkedIn today said it is investigating reports that hackers broke into its systems and accessed the usernames and hashed passwords of the social network's 6.5 million members.

The data was said to be posted on an online Russian hacker forum.

See also: How to change a LinkedIn password

In numerous Twitter messages, LinkedIn told its members that it's investigating the breach reports, and that it can't yet confirm that hacker had accessed the site.

One said: "Our team is currently looking into reports of stolen passwords. Stay tuned for more."

One security researcher today said that he has downloaded a file from a Russian hacker website containing more than 6.4 million hashed passwords.

Marcus Carey, a security researcher at Rapid7, said he also downloaded two separate files containing more than 300,000 passwords collected by the hackers. The hackers accessed the passwords by using simple password cracking tools, Carey said.

Though it is not immediately possible to confirm if the hashed passwords were in fact accessed from LinkedIn's servers, there are numerous anecdotal reports that users have seen their LinkedIn password posted online, he said.

So far, he added, there is no evidence that emails associated with the passwords have also been accessed, though that remains a possibility.

Carey noted that the hackers might still have access to the LinkedIn servers.

According to him, a look at the data that was posted online suggests that the hackers may have had access to the data for sometime.

Users of LinkedIn should immediately change their passwords to protect their accounts, he said.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is jvijayan@computerworld.com.

Read more about cybercrime and hacking in Computerworld's Cybercrime and Hacking Topic Center.


IDG UK Sites

Samsung Galaxy Note 4 release date, price and specs 2014

IDG UK Sites

What's the best smartwatch? 11 iWatch rivals compared in our wearables round-up

IDG UK Sites

App cloning: the mobile software industry’s hidden shame

IDG UK Sites

Developers get access to more Sony camera features