LinkedIn and eHarmony passwords databases leaked
- Thursday, June 7, 2012, 4:16
- Threat Research
Yesterday, password databases from two popular websites were leaked in an underground forum popular with computer hackers. 6.5 million passwords from LinkedIn and a further 1.5 million passwords from internet dating site eHarmony were divulged following attacks on these sites.
LinkedIn has already acknowledged the leak, and have said they are changing the algorithm for storing sensitive data and will email users instructions on how to reset password.
eHarmony has also admitted a hack and has said it members will receive an email with instructions on how to reset their passwords.
Based on previous incidents, this is likely to provoke phishers that will attempt to trick users with fake LinkedIn and eHarmony password changing email. We would recommend that concerned users manually change password. To do this, on LinkedIn, just click your name in the upper right corner, select Settings and then Password Change in your profile:
LinkedIn Password Change
It is also worth following a simple 5 step procedure for creating new passwords:
Avoid anything ‘personal’ such as names and birth dates – see this list for examples of passwords to avoid
Avoid overly complex passwords as you don’t want to write them down
Don’t reuse passwords anywhere – leaks will happen in the future and