ProgramBusiness
 
  


Loading LiveCycle Banners.
  1. News Articles
  2. Related News Articles
  3. Comments
News Article Details

LinkedIn Gets Hit by Hacker, 6.46 Million Passwords Leaked Online

Source: Mashable

Back | A- | A+
 Email This     Print     Subscribe


Posted on 07 Jun 2012 by Neilson

LinkedIn logoOn the heels of reports that LinkedIn's iOS app potentially violates user privacy by sending detailed calendar entries to its servers, comes a report that 6.46 million encrypted LinkedIn passwords have leaked online.

A Russian forum user claims he has hacked LinkedIn, uploading 6,458,020 encrypted passwords (without usernames) as proof.

The passwords are encrypted with the SHA-1 cryptographic hash function, used in SSL and TLS and generally considered to be relatively secure, but not foolproof. Unfortunately, it also seems that passwords are stored as unsalted hashes, which it makes it much easier to decipher them using pre-computed rainbow tables.

In simple terms, this means an attacker might be able to crack many of the passwords using very cheap resources in a relatively short amount of time.

Finnish security company Cert-Fi has posted a warning about the incident, saying it is “likely” that whoever hacked LinkedIn possesses the accompanying user names as well.

If you’re a LinkedIn user, we recommend you change your password right now. Furthermore, if you used that password on any other online service, we recommend you change those passwords as well.


Comments

Post a Comment
If you are a Storefront / Tradingfloor user, click here to login.
Note: As a guest user, please fill out the form below to post a comment.
Post your comments here.
Name :
Email Address :
Captcha :
Comments :
Character left : 2000