Hackers expose 6.5 MILLION 'LinkedIn passwords'

LinkedOut: Hashed details posted on Russian Dropbox-alike site


LinkedIn has said it is looking into a file that reportedly contains the mildly obscured passwords of around 6.5 million of its users.

A list containing the SHA1 hashed but unsalted passwords, purportedly of users of the business social network, has been posted on a Russian Dropbox-alike website. Some LinkedIn users have confirmed on Twitter that their password was in the list, with many saying it was an old password:

LinkedIn has no information on its website, but it has tweeted that it's assessing the situation:

The network hadn't returned a request for comment at the time of publication.

There aren't any email addresses or names on the leaked list, but security experts have been at pains to stress that doesn't mean the hackers don't have them.

SHA-1 hashing is not the securest form of encryption; sensitive information should really be salted, a much stronger form of security.

The leak is coming at a bad time for LinkedIn, as it's already had to defend itself against privacy concerns over its new mobile calendar feature.

The feature is supposed to sync users' mobile calendars with LinkedIn to provide details on the people they are meeting. However, in order to make this "smarter", LinkedIn had been pulling in email addresses for the people, the subject of the meeting, the location and the meeting's notes – a lot of information.

Syncing with LinkedIn is an opt-in feature, so users don't have to do it and the network has said it doesn't store any calendar information on its servers. ®


Tech Resources

What WAF is right for you

Applications are architected in many ways, but all need protection from threats. Learn the most important things to consider when choosing a WAF.

Three reasons you need a hybrid multicloud

Businesses need their IT teams to operate applications and data in a hybrid environment spanning on-premises private and public clouds. But this poses many challenges, such as managing complex networking, re-architecting applications for the cloud, and managing multiple infrastructure silos. There is a pressing need for a single platform that addresses these challenges - a hybrid multicloud built for the digital innovation era. Just this Regcast to find out: Why hybrid multicloud is the ideal path to accelerate cloud migration.

Top 20 Private Cloud Questions Answered

Download this asset for straight answers to your top private cloud questions.

How backup modernization changes the ransomware game

If the thrill of backing up your data and wondering if you will ever see it again has worn off, start the new year by getting rid of the lingering pain of legacy backup. Bipul Sinha, CEO of the Cloud Data Management Company, Rubrik, and Miguel Zatarain, Director of Global Infrastructure Technology at PACCAR, Fortune 500 manufacturer of trucks and Rubrik customer, are talking to the Reg’s Tim Phillips about how to eliminate the costly, slow and spotty performance of legacy backup, and how to modernize your implementation in 2021 to make your business more resilient.

Biting the hand that feeds IT © 1998–2021