CEOs, top execs, and everyone else on LinkedIn: Your login credentials are being bought and sold on the dark web, so it's time to change your passwords!
LinkedIn members' login credentials are being sold on the dark web.
The 2012 breach of social networking site LinkedIn, has come back to haunt us. That breach resulted in 6.5 million members' credentials being stolen. Articles published in the last day report that the number was way short of reality - it's actually more than 167 million email and password combinations - or nearly all the members of LinkedIn.
What to do if you are a LinkedIn member
The best thing you can do now is to change your password. If you created your account more than 4 years ago and never changed your password, you won't have a choice. LinkedIn CISO Cory Scott wrote in the official blog yesterday evening,
We have begun to invalidate passwords for all accounts created prior to the 2012 breach that haven’t updated their password since that breach. We will be letting individual members know if they need to reset their password.
Changing your password regularly is a good practice, and this time it is imperative. The stolen information is allegedly for sale on the dark web. The creator of the "Have I Been Pwned?" service, Troy Hunt, tweeted,
I'm seeing claims of a 167M record LinkedIn data breach and it's presently being sold for 5 BTC on a dark web trading site. Anyone verified?
The online publication Motherboard reports that a hacker calling himself "Peace" is selling 117 million sets of login credentials on the illegal marketplace The Real Deal for 5 bitcoin, which is valued roughly at $2,200. The difference in the amount stolen and for sale is probably due to LinkedIn members who registered via Facebook.
LeakedSource lists the most popular passwords among LinkedIn users, and it's hardly a surprise.
You've seen the rules before: Use long, strong passwords that mix letters, numbers, special characters, and capital letters. And by all means, avoid using the same password on different accounts. Once a hacker has one set of credentials, he can use them to break into your other accounts.
AvastPasswords manager is free to all Avast 2016 users who use Free Antivirus, Pro Antivirus, Internet Security, and Premier. Avast Passwords helps you manage passwords across all your devices and all you need to remember is one main password.
To find out if your email address was part of a large data breach where your password was leaked, use the Avast Hack Check tool.