Russian hacker leaks 6.5 million LinkedIn account passwords on cybercrime forum
Around six million users of the social networking site LinkedIn have had their accounts hacked and their passwords stolen, according to technology experts.
The website, popular with businessmen and women, is investigating claims that a file containing 6.5million encrypted passwords was published on a Russian hackers' web forum.
Experts are now advising users to change their passwords on LinkedIn and other websites for which they use the same password.
LinkedIn has more than 160million users in 200 countries.
Graham Cluley, of inteet security firm Sophos, said he believed the breach was genuine and waed that the passwords were now likely to be in the hands of criminals.
He added: ‘We've confirmed there are LinkedIn passwords in the data. We did this by searching through the data for passwords that we at Sophos use only on LinkedIn. We found those passwords in the data. We also saw that hundreds of the passwords contain the word Linkedin.
‘Our advice is to change your LinkedIn password. And if you use the same password on other accounts, change it there too.'
Per Thorsheim, the inteet security expert who first raised the alarm, said that the number of users who may have had their passwords stolen is likely to be around 6.5million.
The news comes after LinkedIn was forced to change its policies after it was accused of a privacy breach discovered by web security researchers.
The problem conceed a mobile app which sent unencrypted calendar entries, such as phone numbers and passwords for conference calls, to LinkedIn servers without the users' knowledge.
On Tuesday a hacker with the useame ‘dwdm' appealed for help on the Russian hackers' forum to decrypt the files and access the original passwords.
By yesterday moing, hackers claimed to have revealed hundreds of thousands of passwords.
Although LinkedIn does not contain a wealth of personal data like other social networking sites such as Facebook, there is a risk that confidential information could be stolen.
There is also a risk that LinkedIn members who use the same password for other websites could be at risk of having other personal data stolen, including bank details.
A spokesman for LinkedIn said: ‘Our team continues to investigate, but at this time we're still unable to confirm that any security breach has occurred.'
What's Your Reaction?
Like
0
Dislike
0
Love
0
Funny
0
Angry
0
Sad
0
Wow
0
