Earlier this morning a hacker from Russia claimed to have hacked into LinkedIn and managed to steal around 6.46 million hashed passwords, and his fellow hackers have decrypted most of the hashed passwords. LinkedIn, on the other side, took a while to confirm the security breach. In a blog post, nearly after 12 hours, the social media company confirmed that the there was a security breach and “some” passwords were stolen. LinkedIn Director, Vicente Silveira, made the announcement in a postover at the LinkedIn Blog:
We want to provide you with an update on this morning’s reports of stolen passwords. We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts.
Vicente also added the following steps for the compromised accounts:
- Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
- These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in this email. Once you follow this step and request password assistance, then you will receive an email from LinkedIn with a password reset link.
- These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.
Although the hackers did not release any usernames associated with the passwords, all LinkedIn users are asked to immediately change their account passwords. It is also an alert for those users who have used the same password on different website. However, if you’re worried that you may be one among the 6.46 million compromised accounts, then you can confirm it by using a tool released by LastPass. All you need to do is enter your LinkedIn password in the LastPass’s tool and click on the “Test My Password” button. The tool automatically computes its SHA-1 hash and sends the result to LastPass.com to search the list of 6.46 million leaked password hashes. The security tool is safe and does not store any password that users enter. It is also recommended that you use a password management tool like LastPass, which allows you to manage your passwords and form data, allowing you to easily fill inane forms with the click of a button. Also Read: Lastpass Extension for Google Chrome