LinkedIn confirms password leak, encourages users to update passwords
See original article here
(CBS News) Following reports that 6.5 million LinkedIn passwords were leaked on a Russian hacker site, the company confirmed Wednesday that “some of the passwords that were compromised correspond to LinkedIn accounts.”
LinkedIn is a professional social networking site, where users can post their resumes and connect with colleagues or industry contacts.
Vicente Silveira, director at LinkedIn, said in a blog post, “We are continuing to investigate this situation and here is what we are pursuing as far as next steps for the compromised accounts.”
Those next steps for LinkedIn members so far include:
1. Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
2. These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in these emails. For security reasons, you should never change your password on any website by following a link in an email.
3. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.
According to The Verge, a user on a Russian forum claimed responsibility for the hack. The alleged hacker uploaded passwords, but not usernames. While there are still few details of the hacking, some people have reported via Twitter their passwords have been posted.
The company previously encouraged users to update their passwords, just ahead of confirming there had been a security breach.