LinkedIn, the professional social networking service has not had a good run at user privacy over the last few days, first a report began circulating in which LinkedIn was infringing its own user privacy policy by sending detailed calendar entries to its servers and now 6.5 million encrypted passwords of its users are reported to be hacked.
News of this hacking came from a Russian forum user who claimed that they have hacked LinkedIn and downloaded the passwords of 6.5 million users and that user then posted the encrypted passwords without usernames as proof of their hack.
Regarding this issue, LinkedIn has responded by sending a tweet “looking into reports” through its Twitter account
Norweigan IT website Dagens IT reported the breach, with 6.5 million encrypted passwords posted to a Russian forum hacker site. Per Thorsheim, a security researcher has also confirmed this report through his Twitter feed, stating that a hacker with the username “dwdm” has posted the encrypted passwords and asked the fellow hackers to assist him in decrypting the passwords. By Wednesday morning, they claimed to have unveiled hundreds of thousands.
Some experts immediately warned Linked users to change their passwords(as a precautionary measure) as soon as possible.
“It would seem sensible to suggest to LinkedIn users that they change their passwords as soon as possible as a precautionary step,” said Graham Cluley of the British Internet security firm Sophos.
“Don’t delay. Do it now.”
LinkedIn is currently used by more than 150 million users including business owners,job seekers etc and this hacking suggests that this breach is limited to less than 10% its userbase, but still huge number of users will be affected.
Later it said the investigation was continuing.