LinkedIn acknowledged a security breach of its password databases after Russian hackers claimed to have obtained almost 6.5m user passwords.
The professional social networking site confirmed in a blog post on Wednesday that “some of the passwords that were compromised correspond to LinkedIn accounts.
‘We are continuing to investigate this situation,’ he said. LinkedIn said it sent emails to members whose passwords were affected, explaining how to reset them since they were no longer valid on the site.
LinkedIn, which made its IPO stock debut in 2011, is a social media internet company that caters to companies seeking employees and people scouting for jobs and much more these days.
It has more than 161 million members worldwide. One of the Mountain View, California-based company’s main initiatives is to grow internationally – 61% of its membership is located outside the United States.
Marcus Carey, security researcher at Boston-based Rapid7, said he believed the attackers had been inside LinkedIn’s network for at least several days, based on an analysis of the type of information stolen and quantity of data posted on social media forums.
‘While LinkedIn is investigating the breach, the attackers may still have access to their system,’ Carey warned. ‘If the attackers are still entrenched in the network, then users who have already changed their passwords may have to do so a second time.’
I started getting a few users inviting me to connect with them on Linked In to join their profile network and I have no idea who they are ? their profile set-up looks pretty grim!
According to many IT tech bloggers sites they state, “Officials with LinkedIn declined to comment on whether an attack might still be in progress”
The breach is the latest in a string of high-profile hacks affecting business, companies and governments around the world, which have put the personal information of millions at risk and well let us just say in danger!! this is the dark side of internet, some of have been speaking of these issues mainly, from an end user point of view on our little devices and as we network over the internet we just don’t have privacy rights nor do we have end user protected tools, this is is my right to protect myself on my device & over many of these internet sites on my devices.
News of the breach surfaced on Wednesday when computer security experts said they discovered files with some 6.4 million encrypted passwords on underground websites where criminal hackers frequently exchange stolen information to read more about this LinkedIn confirms some users’ passwords hacked – Technolog
Graham Cluley, a senior technology consultant with British computer security software maker Sophos said that it is not yet clear if all of those passwords belong to LinkedIn members.
The files included only passwords and not corresponding email addresses, which means that people who download the files and decrypt, or unscramble, the passwords will not easily be able to access any accounts with compromised passwords and he believed the breach was genuine and warned that the passwords were now likely to be in the hands of criminals.
He added: ‘We’ve confirmed there are LinkedIn passwords in the data. We did this by searching through the data for passwords that we at Sophos use only on LinkedIn. We found those passwords in the data. We also saw that hundreds of the passwords contain the word Linkedin.
On Tuesday a hacker with the username ‘dwdm’ appealed for help on the Russian hackers’ forum to decrypt the files and access the original passwords.
By yesterday morning, hackers claimed to have revealed hundreds of thousands of passwords.
Although LinkedIn does not contain a wealth of personal data like other social networking sites such as Facebook, there is a risk that confidential information could be stolen.
There is also a risk that LinkedIn members who use the same password for other websites could be at risk of having other personal data stolen, including bank details. Read more: http://www.dailymail.co.uk/sciencetech/article-2155752/I-wish-I-dead-Leaked-LinkedIn-passwords-EVERYONE-love-job.html#ixzz1x5tlj8MR
Yet analysts said it is likely that the hackers who stole the passwords also have the corresponding email addresses and would be able to access the accounts.
Two security experts who examined the files containing the LinkedIn passwords said the company had failed to use best practices for protecting the data.
The experts said that LinkedIn used a vanilla or basic technique for encrypting, or scrambling, the passwords which allowed hackers to quickly unscramble all passwords after they figured out the formula by which any single password had been encrypted.
The social internet network could have made it extremely tedious for the passwords to be unscrambled by using a technique known as ‘salting’, which means adding a secret code to each password before it is encrypted.
‘What they did is considered to be poor practice,’ said Mary Landesman, security researcher @ Cloudmark, a company that helps secure messaging systems.
LinkedIn officials declined to comment on the criticism, saying it was discussing the breach only on its official blog.
Silveira said in the blog that the company just recently put in place new security measures to protect customer passwords, including the use of salting techniques.
In 2011, a security researcher warned that LinkedIn had flaws in the way it managed communications with browsers to authorize logins, making accounts more vulnerable to attack. The company responded by tightening its procedures for logins.
LinkedIn was co-founded by former PayPal executive Reid Hoffman in 2002 and makes money selling marketing services and subscriptions to companies and job seekers.
LinkedIn shares closed 8 cents higher at $93.08 on June 6th, 2012
As we are on these cyber dangers & intruders subject and the the Linked In issue, and if you like me I am not a coder nor am I programmer nor do I give a rats ass to be one, I am pretty much a end user of these technologies in order for me to design my own projects in the development and digital learning sector with many youth and women globally, so that I can empower them with tools that do have a safety feature from an end point and safe to communicate with. My point is although many of these internet companies are working towards making sure we have some sort of privacy rights, unfortunately our password are also being compromised from an end point. An very interesting post I was following early this year when the Saudi University website was hacked and an article written by Znet’s tech blogger…. 85000 Facebook logins hacked. and an updated post. Facebook: most logins hijacked by Israeli hacker were invalid | Facebook admitted that hackers are breaking into hundreds of thousands of Facebook accounts every day. Out of more than a billion logins to the website every 24 hours, 600,000 are impostors attempting to access users’ messages, photos and other personal information Facebook and on this post it states “Facebook said the migration of its users to mobile platforms is compromising its ability to make money from them, according to additions the company made to its IPO regulatory filing on Wednesday” “As the company fields questions from potential investors this week and next on its road show, Facebook is once again reiterating its philosophy of prioritizing the user experience over generating revenue, particularly when it comes to its mobile offerings Continue reading: “Facebook admits to mobile weakness”
One wonders about the future of internet and how safe are we all as end users.
and as you
Each day I keep wondering how these issues & mess can get solved, as many are effected and end users get compromised? on the internet & social networking sites, figure this one out from an end user point of view! how to solve these issues, for me no matter how I see these are critical issues, my concern goes back to those innocent children, youth and women in the educational sector & social media sector utilizing internet & devices who will protect them when issues like these get compromised via many of these social networking sites and internet.
From an end user point of view our rights,our privacy our identity, and as possible victims of crime, and the list is long, interesting way to understand how we don’t have any control when it comes to the internet as end user using the internet. Catch this post interesting post Sky News Admits Hacking Emails in ‘Public Interest’ – WSJ.com
This is the Dark side of the Internet -end users compromised, “cyber dangers & cyber intruders and cyber malware” from an end user end point of view we have no control to protect ourselves, nor do we have any end user privacy rights when it comes to the internet and on our little devices, when we all connect over these social internet networking sites and we can read about these issue on tech blog sites and that is the fact and experts speak about these issuesMcAfee reveals massive, five-year long cyber attack – @ TechSpot News
For the rest of us users, the question is not if or even when hackers will target many of us on social networking sites or if we are going to be hacked. It’s how we’re going to deal with the aftermath and our data and identity. If one was hacked right it is easy to change the password and an article posted on The Los Angeles Times’ Salvador Rodriguez noted when LinkedIn was hacked, the Twitter verse were flooded with e-mails giggling about the site’s general lack of utility. One user commented “If my LinkedIn profile was updated or signed in to in any way in the last four years, then yes, it was hacked,” while another piped up with, “Gee, I sure hope nobody got my LinkedIn password! If your friend request gets accepted, you’ll know I was hacked.”
An interesting documentary that was featured on TV I watched reported by CNBC news correspondent Lester Holt the one-hour documentary aimed to tell the public more about the site’s growth and Zuckerberg’s legal battles with Tyler and Cameron Winklevoss. Holt delved into how the company’s business works and how its targeted advertising works. The documentary showed the audience viewers both the positive and negative effects Facebook has had on the public’s lives by exploring the tale of a woman who used it to reunite with her biological mother, while also presenting the story of another who lost her teaching job after venting about her job on the site, check out a clip featuring Winklevoss twins and Divya Narendra, former Harvard students who say Zuckerberg stole their idea.
I am only painting a picture and speaking here mainly, around end point rights and privacy issues, and mainly to also capture your imagination, that we do have rights and so do innocent humanity to protect ourselves and from keeping, dangerous intruders out. I believe our privacy end user rights are being in a way compromised and yes there is a need for a end point safety protected solution so we can avoid human costs also….as time evolves, we will have a bigger issue in our hands. Catch the advertising footage here …. The Facebook Obsession – CNBC
Some of us do realize there is a dark side of the Internet, we do know many end users are getting compromised and this includes me.
Those of us who are working in the digital sector may not admit but they sure get compromised. Ethically many NGOS and International Development organizations probably get hacked or receive malware links but will not admit it.
When I first began this journey in 2004 many sort of ignored my work and I did state that “cyber intruders” from an end user & end point of view we are truly not all that protected or safe and especially those of us, who work with innocent children, girls and women in the humanitarian sector, we are compromising these innocent children & women if you are in the educational sector too and working with them over many of the social sites.
My point here is that we can change all our passwords unfortunately our identity is compromised and we pretty much have no control to protect ourselves nor do we have any end user rights in many ways, for privacy over the internet and on our little devices (especially if you are working with innocent children and women in developing countries ) yet, we can’t do without communication or our devices and if you reading this post, we are addicted to internet & I know for a fact many of us like to connect over social networking sites.
As time evolves more exciting technology tools, devices and sites are exploding and we are becoming more of these techno zombies, whojust love to have the latest gadget, devices in our hand and this is part of human nature and the evolution cycle when it comes to the Information Age. As technologies evolve so do unethical people who use the same tools & Internet to run their criminal activities.
I may be sounding like a broken record about this end user safety tools & rights or around the damage done to many of us and innocent humanity, this is important to me, please do understand my work and why this fight to find a solution is important to me and if we don’t address this “end points safety need” especially when it comes to many of the innocent children and women in developing countries, a greater human cost will be experienced as time evolves and it already has started.
I began this vision & project in 2004 inviting youth and women, who work in the developing countries, I developed a digital proof of concept project a few of us funded it ourselves . I give many young change leaders and leaders a voice at the same time.
These digital projects were and are not financially supported by anyone the reason I do this is to bring awareness of cyber dangers and as I develop my own digital projects with youth globally, the goal is to provide them with tools and keep them safe @a gem of an idea. I have truly been fighting this issue bringing awareness since 2003 of cyber dangers and cyber threats on the internet & for end point safety equal access. Many of us have known that internet has a dark side and when I design many of my digital projects I don’t get funded …. I just develop these projects with key groups & organizations all youth & women based projects in their communities.
For me, it is more about integrity and ethics around the human cost side & I see how many NGOS and International Development organizations compromise their members and have no clue how they are violating their members rights, especially the innocent children & women for the sake of getting themselves funded for their own work.. I could name a few.
We cannot compromise innocent individuals, especially innocent youth, women and children in many of these developing and developed countries who work with me. Best Practice Standard Tools is a priority for me. I have witnessed many of these global humanitarian international developing networks and NGOS who work with children, youth and women over the social sites or internet – don’t quite care if end user are compromised and they don’t adopted best practices standard end point safety tools to keep many of their members safe and secured.
DO WE HAVE A SOLUTION –YES there are many ways we can speak of online protection or we can put an inquiry to find solutions and not just by one company etc, unless large international development institution, global technology leaders realize that if we don’t address many of these urgent issues we will be putting a lot of innocent children youth and women in danger in many of these developing countries. in a compromising situation, and they are the most important civil society and future generations. As time evolves there will be a huge problem we will be experiencing of human cost side involved in the cyber world, unfortunately no one speaks for those innocent victims. Lately everything has a monetary cost involved and no one truly gives a damn about human cost. This is what I have observed since I began this journey to find a solution. You welcome to post a message or if you want to contact me about my work -@mymulticast
I am currently speaking with a few technology leaders how they can help me address these issues from an end user point of view within the informal digital educational and new media sector, mainly now for many of my projects I develop.
After a while you just have to find a solution, as many of these International Development Organizations or funding groups don’t care.. it is more about “cash flow revenues” or how they get to save their funds so they get to travel to major conferences and rather impacting women like us or support us in what we doing…..there is a need to find a solution and make it available to innocent children and women who use communication devices for education and social media.
Info on my work for human cost for “endpoint safety & security -best practices safety tools @ my multicast.