World

Phuket Gazette: LinkedIn passwords released by hackers

Published

Thursday, June 7, 2012 10:56

Legacy Phuket Gazette

PHUKET MEDIA WATCH

– World news selected by Gazette editors for Phuket’s international community

Russian hackers release up to 6.5 million LinkedIn passwords

Phuket Gazette / News Wires

PHUKET: Russian hackers have obtained and released the passwords of up to 6.5 million accounts on the popular professional networking website LinkedIn, according to a web posting yesterday.

LinkedIn director Vicente Silveira confirmed in a blog post that at least some of the more than 6.4 million passwords released on a Russian forum correspond to LinkedIn accounts. The leaked passwords were camouflaged with a common cryptographic code called SHA-1 hash, which is considered weak unless extra security layers are added.

“It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases,” Silveira said.

Camouflaging passwords with SHA-1 is considered weak because it translates the same text the same way every time. For instance, if one user’s password is “password”, the resulting code will be the same when another user also uses “password.” This is why security experts recommend adding a security layer called “salt,” which adds another piece of information to the code to make it almost impossible to decode.

The file released on the Russian forum on Wednesday did not contain associated email addresses, but security experts nonetheless advise LinkedIn users to change their passwords as a precaution. Silveira said users of accounts associated with compromised passwords will receive an email from LinkedIn with instructions on how to reset their passwords.

“We sincerely apologize for the inconvenience this has caused our members. We take the security of our members very seriously,” Silveira added in his blog post on yesterday. He noted that emails sent by LinkedIn to affected users will not contain any links, apparently to avoid phishing scams.

It was not immediately clear how the passwords were obtained.

LinkedIn started out in the living room of co-founder Reid Hoffman in late 2002 and was launched officially on May 5, 2003. At the end of the first month of operation, LinkedIn had around 4,500 users. As of May 2012, the company said it has more than 161 million users around the world.

— Phuket Gazette Editors

Get more from The Thaiger

📱 Download our app on Android or iOS
👋 Have your say on our Thailand forums
🔔 Subscribe to our daily email newsletter
📺 Subscribe / Join YouTube for daily shows
👍 Like/Follow us on Facebook
🐦 FOLLOW us on Twitter
📷 FOLLOW us on Instagram

News Categories: World

Related Topics:

Join the conversation and have your say on Thailand news published on The Thaiger.

Thaiger Talk is our new Thaiger Community where you can join the discussion on everything happening in Thailand right now.

Please note that articles are not posted to the forum instantly and can take up to 20 min before being visible. Click for more information and the Thaiger Talk Guidelines.

Create an Account

Click to comment