117M LinkedIn Passwords Leaked

...

Four years later, LinkedIn is still dealing with the effects of a 2012 data breach.

At the time, hackers reportedly gained access to more than 6 million of the enterprise social network's 161 million users. But LinkedIn has confirmed that an additional set of data was released on Monday.

"We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords," Chief Information Security Officer Cory Scott said in a statement. "We have no indication that this is a result of a new security breach."

In a conversation with Motherboard, the hacker who claims to have pulled off the 2012 hack (and who goes by the name "Peace") said there are 167 million-plus accounts in the database—about 117 million of which include emails and encrypted passwords. Subscription-based hacked-data search engine LeakedSource said the same in a Tuesday blog post.

Based on a sample of nearly 1 million credentials, Motherboard reported that the hacked passwords were encrypted with the SHA-1 algorithm—already outdated by 2012. LinkedIn had "just recently put in place" enhanced security measures like hashing and salting—meant to make it harder for hackers to decipher passcodes—when the breach occurred.

"We take the safety and security of our members' accounts seriously," Scott said today. "For several years, we have hashed and salted every password in our database, and we have offered protection tools such as email challenges and dual factor authentication."

Peace is reportedly selling the stolen account data on the dark Web for five bitcoin (about $2,282).

Days after the 2012 breach, LinkedIn was sued for failing to properly secure its users' data, which was settled last year for $1.25 million.

Categories
GAMES
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    House GOP Panel Blasts OPM Over Breach

    A new report by the House Oversight Committee lambastes the Office of Personnel Management for "decades of mismanagement" that allowed last year's massive security breach.The cyber attackers also pilfered security clearance background investigation details on 21.
  • 5300c769af79e

    Nvidia Car Learns To Drive By Watching Humans

    There is a renewed focus on risk data aggregation and reporting (RDAR) solutions, as financial ins With a convolutional neural network, Nvidia researchers have trained a car to drive using video captured during road trips taken by people.Using an Nvidia DevBox (a workstation with GPUs optimized for machine learning), Torch 7 (a machine-learning library), and an Nvidia DRIVE PX self-driving car computer, company researchers mapped the pixels of videos from a car's front-facing camera to steering commands.
  • 5300c769af79e

    Report: USDOT Leaning Towards Approving In-Flight Phone Calls

    In very polarizing news, the US Department of Transportation (USDOT) is reported to be leaning towards giving the thumbs up to in-flight phone calls.Now, there are major caveats should aviation regulators green light in-flight phone calls.
  • 5300c769af79e

    Opera VPN For Android Targets Users, Not Enterprises

    It brings the same risks to the enterprise that the iOS VPN app did earlier this year.Once the analysis is complete, Opera VPN will rate the network with a score of A (totally secure) to F (really unsafe).