Search This Blog

Saturday, June 9, 2012

Everything You Wanted To Know About LinkedIn Hacking

LinkedIn.com members woke up to their nightmare this Wednesday when they realised that professional social networking account was compromised. A hack leaked passwords of nearly 6.5 million user accounts. LinkedIn confirmed the intrusion and also announced that it has beefed up security in its current password database. The culprits are yet to be traced, though a user on a public Russian forum is taking credit for the hack. The hacked released around 6.5 million hashed passwords to the forum, and according to security software firm Sophos, at least 60 per cent of those passwords have already been cracked.
Till now, it has not been confirmed whether the user names were revealed too- which could either mean that the hackers couldn't manage to download them or they are keeping it under cover.
LinkedIn password hack, hacking, LinkedIn password protection

Worried if you are under threat? Well, the answer is yes and no. The LinkedIn passwords that were posted online were hashed using SHA-1, which means they cannot be read easily. However, this does not make SHA-1 totally foolproof as it can be cracked with serious attacks. These would require the attacker to insert several million words or phrases into the SHA-1 algorithm and compare the results against the list of leaked passwords. Since it is not known if the hackers have your username so it won't be too wrong to assume that your account could well be hacked. So if you are using the same combination of username and passwords, it is advised to change them soon.
LinkedIn has not commented on the financial information associated with LinkedIn pro accounts. It is advisable that Pro users monitor their financial statements to be sure that no unauthorized transactions take place.
LinkedIn will send an e-mail to all the users whose accounts were compromised and will instruct them about ways of securing their accounts. The company warns users not to click on any e-mail links asking users to change password, as account information can be further ambushed. Users must change passwords on other websites if they are using a common one.

No comments:

Post a Comment