LinkedIn Reportedly Loses Over 6 Million Passwords

Article main image
Jun 6, 2012
This article is part of a series called News & Trends.

Earlier this morning, The Verge reported that a user in a Russian forum had obtained nearly 6.5 million passwords from the business networking site LinkedIn. The passwords, which didn’t include attached usernames and were encrypted according to the reports, don’t seem to be in immediate danger of being used to compromise accounts. Security experts are nonetheless advising LinkedIn users to change their passwords as soon as possible.

Beyond this individual breach, LinkedIn has a bigger problem to face: how did this information get out into the open and how do they respond in order to calm possible fears of uploading any sensitive information to the company’s site?

While there are some personal details on LinkedIn, most of what users store on there is intended to be public information. Still, having access to contacts that a hacker could use for phishing attempts as well as a password that a user might frequently use is bad enough. And for customers who pay to use the site (either with a premium account or through the purchase of job posting and advertising), somebody being able to access user accounts and passwords might be able to access that information as well.

As of this writing, LinkedIn’s official PR account has yet to confirm the breach, saying:

LinkedIn is one of the top sites that recruiters use to find talent. As of March 31st of this year, the site had over 161 million accounts. Using that figure, the reported compromise of over 6 million passwords would constitute less than 5% of the LinkedIn user population.

This article is part of a series called News & Trends.
Get articles like this
in your inbox
Subscribe to our mailing list and get interesting articles about talent acquisition emailed weekly!