It’s been reported that 6.5 million LinkedIn password hashes have been leaked and the password hashes have been made widely available on the internet.
Why is this important to you? The password hashes are now available for cracking, and once decoded they can be used to access any accounts with the same or similar password that belong to you, not just LinkedIn. Given the fact that the password hashes have been exposed, unless your password is extremely complex, it has likely already been compromised.
In addition, if you are an iPhone or iPad user and sync your calendar via ActiveSync, this breach, in combination with the iOS calendar data leaks, could potentially mean exposed calendar data, meetings notes, passwords, etc.
By default – LinkedIn disabled all the compromised passwords and send an official e-mail that looks like this: ([email protected])
Dear Late Night Parents,
In order to ensure that you continue to have the best experience using LinkedIn, we are constantly monitoring our site to make sure your account information is safe.
We have recently disabled your account for security reasons. To reset your password, follow these quick steps:
- Go to the LinkedIn website
- Click on “Sign In”
- Click on “Forgot Password?” and follow the directions on the website
The LinkedIn Team
To be safe – reset your password and do NOT use the term “linkedin” in your password. The LinkedIn e-mail won’t include any links or URL’s to reset your password. (that’s a tip for scammers trying to steal your password)