LinkedIn notifies 400 Million members of the data breach. Here’s a quick way to find out if you’re one of them
Over 100-200 Million LinkedIn profiles Were Hacked and a hacker stealing more than one hundred million identities and passwords being leaked to the internet.
In the same breach, hackers stole and publicly released a separate set of 6.5 million encrypted passwords that year.
The hacker, who goes by the name “Peace,” told Motherboard that the data was stolen during the LinkedIn breach of 2012. At the time, only around 6.5 million encrypted passwords were posted online, and LinkedIn never clarified how many users were affected by that breach.
Peace is selling the data on the dark web illegal marketplace The Real Deal for 5 bitcoin (around $2,200) {round Rs 147872.89}
While LinkedIn only had 165 million accounts at the time of the breach, the hack may include people who have logged in through Facebook.
On May 18, 12:32 p.m. ET: LinkedIn confirmed on Wednesday that the new data is legitimate.
“Yesterday, we became aware of an additional set of data that had just been released that claims to be email and hashed password combinations of more than 100 million LinkedIn members from that same theft in 2012,“ the company’s chief information security officer Cory Scott wrote in a blog post. “We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords. We have no indication that this is as a result of a new security breach.“
Australian security expert Troy Hunt has now created a website that helps you find out if your account has been compromised. The website called HaveIBeenPwned cross checks with over 500 million accounts from over 106 compromised websites that have been reported. To our surprise, we discovered our email addresses appeared in the Adobe breach in 2013 and LinkedIn in 2016.
LinkedIn users can take steps to beef up their account security by setting up a strong password and implementing two-factor authentication, which provides an extra level of protection. Here’s how to do both via LinkedIn’s website:
Change your password
Log in to your LinkedIn account (if you’ve forgotten your password, click on the ? next to the password field, and LinkedIn will send you a link to change it).
After you’ve signed in to the site, hover over your thumbnail photo in the upper right corner, and a menu called Account & Settings should pop up. At that menu, click on the Privacy & Settings option.
Your account page should appear. Click on the option to Change password. Type your current password in the first field, then type your new password in the second and third fields.
Try to use a strong password. You can use an alphanumeric password with both letters and numbers. You can use a short multi-word phrase, such as “There’s-no-place-like- home.” Another option is to purchase a password generator such as RoboForm or LastPass, which automates the process of creating, remembering and applying passwords.
Click the Save button. You’ll now use your new password to sign in to LinkedIn.
OK, let’s say you want to take security a step further and set up two-step verification. This security method uses verification codes sent to your mobile phone, which you then enter on the website.
Set up two-step verification
From your LinkedIn home page, hover over your thumbnail photo in the upper-right corner, and a menu called Account & Settings should pop up. Then, click on the Privacy & Settings option.
At your account page, click on the Privacy category at the top. Scroll down to the Security section and click on the option for Two-step verification.
Add your phone number if requested. Enter your password. Then type the verification code you receive on your mobile phone and click on Verify.
Go back to the Privacy section and again scroll down to the Security section and click on the option for Two-step verification. Click on the link to Turn on. Again, enter your LinkedIn password. And again, enter the verification code sent to your mobile phone and click on Verify.
Each time you sign in to your LinkedIn account, the site will send a verification code to your phone. Simply enter that code at the Two-Step Verification page to log in.
Using a strong password and two-step verification may be cumbersome steps, but they can help protect your account credentials from being used by the wrong people.