6.5 Million LinkedIn Hacked Passwords
- Friday, June 8, 2012, 6:47
LinkedIn, one of the biggest professional social networks, has suffered a major breach of its user password database. The attack was confirmed on Wednesday afternoon by Vicente Silveira, Director at LinkedIn, and was followed by an apology to the affected LinkedIn users who now have a hacked password.
A file containing nearly 6.5 million hacked passwords was published on a Russian online forum. At first, no one was 100% sure where the passwords came from, but soon it became apparent that many of these passwords were associated with LinkedIn accounts.
“Many of the cracked passwords that have been published to the forum have the common term ‘LinkedIn’ in them,” security adviser Per Thorsheim told PCWorld. Sophos, a developer of computer security software, came to the same conclusion when it noticed some of its employees' passwords on the hacked password list.
Imperva, a leading data security organisation, suspects that the breach may have exposed more than the reported 6.5 million accounts because the published hacked password list does not include common, easy-to-guess passwords such as “123456”. The list the attacker has released contains hard-to-guess passwords, and the reason he released it is to gain external help to crack the complex passwords. It also only lists each password once, not revealing if that same password