• LinkedIn Security Breach!

    Security Breach At Yet Another LARGE Corporation – LinkedIn Users Beware

    June 6, 2012

    As of this afternoon, one of the world’s largest professional networking sites has retracted their earlier denial of any security breach of 6.5 million of their users’ account passwords to confirm the rumors. The company has invalidated the passwords of affected users, sending out email notifications. Users are cautioned not to change their passwords via links within any emails; LinkedIn email notifications will not contain phishing links. In short, users whose accounts were breached will not be able to login as normal without resetting their passwords as per the specific instructions issued.

    After issuing an apology for the “inconvenience this has caused” to members, LinkedIn also mentions that they have recently added further security measures that include “salting” and “hashing” the password databases. “Salting” refers to a process that integrates random bits to create one of the inputs of a function which coupled together with a user’s password makes security breaches far more difficult though not impossible.

    The original rumors about the breach spread when a Russian hacker site posted the breached accounts’ passwords and emails. Since earlier today, the breached data is no longer available online. While those who are affected by the LinkedIn breach will receive email notifications, it would be prudent for all of us to change our passwords regardless. Remembering that most people use the same password across multiple social media and email accounts, it may be a huge annoyance in the short term to change these passwords, but will save on potentially far more serious implications in the not so distant future.

    What can hackers do with your email and password to one social media account? They can do reverse look-ups on your email to potentially find where you live. They can use your password, which you most likely use for other accounts, to hack into those accounts. Even if they don’t get direct access to say, your bank accounts, they can easily do so if they hack into your important email account. Most of us have e-bills, which means our email accounts are storing precious, serious data that tells all about us, who we are, where we live, where we work, where we bank and potentially about the people close to us.

    – Do yourself a huge favor and take the few minutes now to change your password on LinkedIn and any other accounts that you’ve used the same password for. Remember these points when creating a password:
    – Don’t use the obvious like your name, parts of your name, birthdates, social security numbers, etc.
    – Don’t use the names or parts of names of those closest to you such as spouse, children, parents or siblings. This information can be easily found on sites like facebook or people searches.
    – Do use as long a password as you’ll viably remember easily.
    – Do include a combination of numbers, letters and whenever possible, special symbols.

    Best of luck to each of you and hopefully this will be nothing more than just a blip that is part of the modern world we live in. Too bad LinkedIn didn’t employ StopTheHacker’s online protective services…this could all have been avoided.