Techlicious: Millions of LinkedIn & eHarmony Passwords Stolen

June 08, 2012 by in Techlicious

linkedin passwords stolen

By Josh Kirschner for Techlicious

LinkedIn & eHarmony Confirm Passwords Were Hacked

Professional networking site LinkedIn and dating site eHarmony confirmed yesterday that millions of user passwords have been stolen from their databases and posted on the Internet. If you are a user of either of these services, it’s critical that you change your password immediately on these sites, as well as any other sites for which you use the same password, especially for email, banking or other sensitive data.

The breach was identified when the hacker(s) posted the list of 8 million encrypted passwords to a hacker forum for help with breaking the encryption code. Sophos security is reporting that more than 60% of the passwords have already been cracked.

Worse, while the 8 million passwords posted represent only a small portion of the total users of the sites, some security experts suspect that the hacker(s) may have access to the full password list and only posted those that they were having difficulty cracking. Rick Redman, a security consultant for Kore Logic Security told Ars Technica, “It’s pretty obvious that whoever the bad guy was cracked the easy ones and then posted these, saying, ‘These are the ones I can’t crack.'”

How did this happen? –Article Continued Here

This excerpt appears with permission from Techlicious.

TechTalk Notes:

Email Communication to Linked In Users (06/09/2012)

We recently became aware that some LinkedIn passwords were compromised and posted on a hacker website. We immediately launched an investigation and we have reason to believe that your password was included in the post.

To the best of our knowledge, no email logins associated with the passwords have been published, nor have we received any verified reports of unauthorized access to any member’s account as a result of this event. While a small subset of the passwords was decoded and published, we do not believe yours was among them.

The security of your account is very important to us at LinkedIn. As a precaution, we disabled your password, and advise you to take the following steps to reset it. If you reset your password in the last two days, there is no need for further action.

1. Type www.linkedin.com/settings directly into your browser
2. Type in your email address and press Sign In, no password necessary
3. Follow the on-screen directions to reset your password

Note: Do not reuse your old password when creating your new password.
If you have been using your old LinkedIn password on other sites, we recommend that you change those passwords too. We appreciate your immediate attention to resetting your password and apologize for the inconvenience.

Thank you,
The LinkedIn Team

Techlicious

About Techlicious

Techlicious was founded by consumer tech guru, Suzanne Kantra, Techlicious is your daily scoop on everything from the best new mobile phones and apps to holiday shopping guides to step-by-step instructions for protecting your privacy on the Internet.

14 Responses to Techlicious: Millions of LinkedIn & eHarmony Passwords Stolen

  1. Steph Thomas says:

    Hey, The LinkedIn Team…if people had any sense they'd stay a million miles away from you anyway! I've never seen such a number of deceptive tactics that you use. You send out phony messages. I've received many supposedly from certain people, and I know for fact that these folk never sent it. I don't like your using my name, numerous times with different emails of mine and different spellings, to send to people I know, in my behalf! I wouldn't send these either. You deceive people by telling them that it comes from someone they trust, and at least 85% of the time it's a blatant lie!

    You KNOW what you're doing! and it's disgusting!


  2. Vickey Carol Fesmire Cooper says:

    just want all my LinkedIn friends to know. I didn't do eharmony


  3. Rukshan Wijeratne says:

    Lovely!


  4. Loretta May Nerswick says:

    Chase online also uses the "send you a code" method for security. It stinks to have to do it, but it's worth it if it protects my identity. Thanks for the article I hadn't heard this and changed my password immediately. Now I'm going to change them all, all one hundred of them. ha ha!


  5. Dave Graham says:

    If you have a LinkedIn or eHarmony account…


  6. Kris Erskine says:

    Here in Hong Kong and in China when you open a bank account you are given a keychain algorithm device and each time you want to log in you must type your username, password, and a unique code from the algorithm device which is only good for about ninety seconds after you push the button on the device. Impossible to crack and so easy to implement.


    • When was that introduced in your country? there is a similar thing for a video game that I play, it was introduced a few years ago


      • Glenn Hill says:

        @Kenny G. Smith: Betting that game is World of Warcraft; a device just like that can be purchased from their online store. Provides the highest level of security for accounts in the game.


    • Kris Erskine says:

      sorry for the late reply. been away from email for a few weeks. this algorithm keychain device has been in hong kong and china for as long as i've been here, since 2006. i don't know when it was first introduced though.


  7. Vernon Emmerich says:

    Get me out of linkedin forever


  8. Chris Babbler says:

    And THAT is why the text message thing where they send you a 1-time useable code to access a website is undefeatable. You also must supply the password but the access code is only accessible when it is sent to YOUR phone. Pretty much very difficult to hijack your account using this method if not impossible. Paypal has instituted it and it works great. Very easy. Gives you a feeling of safety like never before. You could even have a keyboard logger and it wouldn't work for the bad guys. Yeah Baby!


  9. I did what you said to do to reset my p/w but I could not get into the reset function. It kept telling me that you needed to reset my password so go to my email. I followed it exactly but could not get in to change my p/w. Help, I’m stuck in limbo here!?
    Bobby


Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Scan with PC Matic

Sign up for our FREE Newsletter

Our weekly newsletter is packed with computer tips & tricks.
As a bonus, receive monthly emails with exclusive offers.

Which device is the most important to you?

View Results

Loading ... Loading ...


Contributors