It looks like an old LinkedIn security breach may have been more serious than anyone initially realized.
Four years ago, LinkedIn was hacked. Immediately following this event, the website reported that it had reset the compromised accounts. Problem solved, right? This week, however, LinkedIn confirmed that the 2012 breach was much more significant than it originally thought.
Initially, the business-oriented social network reported that only 6.5 million usernames and passwords had been leaked as a result of the 2012 hacking. In fact, the number was much higher. 117 million LinkedIn IDs from the hack were recently discovered up for sale on a dark web market known as TheRealDeal.
LinkedIn says it will repeat the resetting measures taken four years ago, albeit this time on a much larger scale.
A LinkedIn spokesperson told the BBC, “We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords.” LinkedIn is now advising that members visit the website's safety center to ensure that they have two-step verification authentications, and are using strong passwords, which will help keep accounts as secure as possible. The question remains whether LinkedIn knew how extensive the 2012 breach was, and if so, why they didn't implement a system-wide password reset at the time.
In any case, now's a good reminder about the importance of good security and password practices.
Like what you see? How about some more R29 goodness, right here?
What Happened When I Quit Facebook