LinkedIn breached: 6.5 million passwords compromised


Attention LinkedIn users, your privacy has been breached. Millions of internet users can now see your password posted online. We request you not to be under false pretenses that you are safe from this epidemic. LinkedIn has already confirmed this news and has stated that passwords that are reset will now be stored in a salted format, which technically means that passwords are in an encrypted format AND adjoined with a random bunch of characters to make the password-cracking process a pain-in-the-neck for the hacker.

According to Imperva:

The passwords weren't properly protected.  The hashes, in geek speak, were unsalted sha1 hashes.  Not salting is a bad practice that we detailed in last month’s report on the Military singles breach.   Salting, in layman’s terms, complicates the process of a hacker cracking a password.  Not only do you encrypt the password, but append it with a random string of characters so even if those passwords are revealed, they look like gobbledygook.

LinkedIn was probably breached but the password database doesn’t indicate this specifically.  Many of the passwords contained a high volume of the word, or a variation of the word, “linkedin”.  This indicates that the pool of passwords comes from LinkedIn, though the hacker hasn’t specifically made such a connection.  The password set shows:

  • 13 passwords contained “linkedin”
  • 509 passwords contained “linked”
  • 1134 passwords contained “link”

Imperva suggest that the list of the security breach could be much larger than the already whooping number of 6.5 million. They have provided two reasons for their theory:

1. The list doesn't have any easy passwords such as 123456 (which is the most used password in the history of passwords) included.

2. All passwords are listed only once, leaving us to a guessing game wondering how many times was a certain password used.

After this massacre, SophosLabs geniuses did a little research of their own, testing which passwords were commonly used among the 6.5 million users and should never be used by anyone. Their study suggested that only 2 passwords of the 6.5 million passwords were unique and not used by anyone else. "mypc123" and "ihavenopass" are the lucky winners of the day. Unfortunately, these, too, were cracked and exploited.


click here to know if your password is compromised

3 comments:

Hello, Need hacking services?Be warned, most of these so called hackers here are impostors, I know how real hackers work, they never advertise themselves in such a credulous manner and they are always discrete. I’ve been ripped off so many times out of desperation trying to find urgent help to change my school results, finally my friend introduced me to a reliable hacker who work with discretion and delivers, he does all sorts of hacks but he helped me;
-Changed my school grades
-Hacked my cheating boyfriend email/facebook,whatsapp,instagram,with snapchat
-The most of it all, he helped me with Western union money transfer and i tracked and confirm the money before i paid him his fee. I have made him my permanent hacker and you can as well enjoy his services.You can contact him at BESTHACKGAME@GMAIL.COM request for any hacking services and also endeavor to spread the good news on how he helped you.
Tell him Mirabell referred you.

CYBERHACKPROS@GMAIL.COM is a professional hacker that specializes in exposing cheating spouse,and every other hacking related issues. he helps catch cheating spouse by hacking their communications like call, Facebook, text, emails, Skype and many more. i have used this service before and he did a very good job, he gave me every proof i needed to know that my fiancee was cheating. You can contact him on his email CYBERHACKPROS@GMAIL.COM to help you catch your cheating spouse, or for any other hacking related problems, he will definitely help you, he has helped a lot of people, contact him and figure out your relationship status. i wish you the best too call/text +1 512 605 1256..

I sincerely didn’t like the idea, but this is my way of saying thank you to the Quora user that recommended a hacker (CYBERHACKPROS@GMAIL.COM)

I hired him for a very private and difficult matter of helping me hack a my spouse’s phone and social networks and some other personal stuffs and he far exceeded my expectations. which Jeremie, helped me get the info(whatsapp, facebook, text messages, call logs etc) faster and cheaper than I had imagined. The first time we spoke, we had a very long phone consultation in he gave me all my options that he could think of to resolve my case, and he even recommended I try other options before hiring him, which shows that he is honest. I decided to hire him and I am glad I did. he is a fantastic investigator and a great person. If you need a professional, reliable and efficient hacker, then you should contact this guy ; CYBERHACKPROS@GMAIL.COM
You can also call him or send him a text: +1 512 605 1256 INSTAGRAM:Cyberhackprofessional

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More