Hacked LinkedIn accounts already being used by criminals

Earlier today, reports started coming in that over 6.4 million passwords from the business-themed social networking service LinkedIn had reportedly been stolen by a unnamed person or persons and posted on a Russian language forum. LinkedIn at first claimed that it was unable to confirm any kind of security breach. Later in the day, the company did admit that a breach of its servers did occur, but would not state how many accounts were compromised.

Now The New York Times is reporting that criminals are already using the lifted LinkedIn accounts to send emails to others. The emails ask people to click on a link to "confirm" their email address, when in fact the links take users to scam websites.

In its blog post today, LinkedIn said the people that are the victims of the compromised accounts will now find that their passwords no longer work and will receive emails with information on how to change their passwords, without the need for an embedded link.

The company did not state how these account passwords got out in the open. LinkedIn added, "We sincerely apologize for the inconvenience this has caused our members. We take the security of our members very seriously."

Update from Mashable: The company promised to add another layer of security by salting as well as hashing its database for account passwords, which makes the encrypted passwords harder to crack.

Source: New York Times

Report a problem with article
Previous Story

Google Maps to add full 3D models to some cities

Next Story

Wreck-It Ralph - the ultimate video game movie?

10 Comments

Commenting is disabled on this article.

Drossel said,
"We take the security of our members very seriously."

Riiiiiiiiiiiiiiight.

Yeah, mistakes never happen, eh Drossel?

I change my LinkedIn password every few months. Having a compromised LinkedIn account could potentially impact one's professional career.

Even companies like Blizzard are telling their customers that if they used the same info on battle.net as on LinkedIn, they need to change their passwords, etc.

I noticed my Apple ID and several other accounts had become locked because of multiple incorrect attempts in the past 24 hrs. Not that my password is easy or reused elsewhere so I don't believe there a breach.