Tag Archives: Passwords

Hackers leak confidential Linkedin passwords


June 07, 2012

Professional social networking website Linkedin.com is investigating a security breach that may have seen upwards of six million passwords compromised.

Linkedin president Vicente Silveira confirmed the incident in a blog post dated June 6, and informed affected users that they would receive an email with instructions on how to reset their passwords, followed by a further email explaining the situation.

Compromised passwords will no longer work, while non-affected users will be able to continue using the site with their current login details.

Over 160 million people use Linkedin to create business contacts, find jobs and upload resumes. Users must be accepted as contacts before they can view another person's private details.

Linkedin is yet to release official numbers, but UK Web security company Sophos is reporting 6,458,020 hashed passwords were uploaded to a Russian online forum.

While the relative usernames to those passwords were not posted, it is likely that the hacker has access to those as well.

Security breaches like this can be a major blow to business, compromising secure information and damaging client confidence.

Red cell assessments are one way to review security measures, by simulating an external attack on secure company information.

A red cell team consists of highly trained professionals, adept at using both standard and experimental methods of cyber penetration.

They can attempt to access secure information already stored on a business database, or they can seek out a faux-document that has been planted beforehand. Either way, information remains secure and confidential and there is minimal risk of downtime or productivity loss.

After the assessment is complete, a full debriefing provides clients with an evaluation of their security processes and allows them to take the necessary steps to prevent a legitimate attack.

Linkedin has apologised to users for any inconvenience caused and emphasised that it takes client security seriously.