Thursday, 19 May 2016

Millions Of LinkedIn Logins 'For Sale'


LinkedIn has said it will be taking immediate action to secure the affected accounts, asking members to reset their passwords.


A hacker claiming to have more than one hundred million LinkedIn logins is advertising them for sale online.
The extensive list of user IDs and passwords were allegedly sourced from a cyber attack on the networking site four years ago.
According to news site Motherboard, a hacker calling himself "Peace" has placed the alleged details of 117 million LinkedIn users on "dark web" marketplace The Real Deal for the price of 5 Bitcoin - the digital currency - worth around £1,500.
At the time of the original breach in 2012, LinkedIn reset the accounts of those it believed were affected.
However the site now says the number of users affected was far greater than initially thought, and they plan a more wide-scale reset.
In the wake of the 2012 breach, only around 6.5 million details were posted online - but LinkedIn's chief information security officer Cory Scott said he does not believe the extra data was gained as the result of a new security breach.
"In 2012, LinkedIn was the victim of an unauthorised access and disclosure of some members' passwords," he said.
LinkedIn
"At the time, our immediate response included a mandatory password reset for all accounts we believed were compromised as a result of the unauthorised disclosure.
"Additionally, we advised all members of LinkedIn to change their passwords as a matter of best practice.
"Yesterday, we became aware of an additional set of data that had just been released that claims to be email and hashed password combinations of more than 100 million LinkedIn members from that same theft in 2012."
Mr Scott added that the company was now taking action to secure the affected accounts.
"We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords," he said.
News of the breach is the latest in a long line of cyber attacks on major websites and companies, with telecoms firm TalkTalk and parental forum site Mumsnet among those who have been the victims of security breaches in the last year.

No comments: