If you’re a user of the business networking site LinkedIn, you should change your password ASAP. The reason being that 6.5 million user passwords that are linked to their users have been leaked online:
A user in a Russian forum says that he has hacked and uploaded almost 6.5 million LinkedIn passwords, according to The Verge. Though his claim has yet to be confirmed, Twitter users are already reporting that they’ve found their hashed LinkedIn passwords on the list, security expert Per Thorsheim said.
“We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts,” Vicente Silveira, a director at the professional social-networking site, wrote in a blog post. It is unknown how many passwords have been verified by LinkedIn.
LinkedIn has disabled the passwords on those accounts, it said. Account holders will receive an e-mail from LinkedIn with instructions for resetting their passwords. The e-mails will not include any links. Phishing attacks often rely on links in e-mails that lead to fake sites designed to trick people into providing information, so the company says it will not send links in e-mails.
Affected account holders will then receive a second e-mail from LinkedIn customer support explaining why they need to change their passwords.
Just to be safe, you should change your password anyway. Here’s a link as to how to do so along with a bunch of other good tips. You can also check to see if your password has been leaked here. Bear in mind if you have a common password a positive result may not mean that your account has been compromised. But it is a starting point.
In any case, this shows just how insecure an online service can be. Time for LinkedIn to step up their game from a security standpoint.