First it was the new mobile calendar app that was reported to be transmitting the full meeting notes and other data on both the iOS and Android platform and now its the password hack news. It really is turning out to be a very bad week for LinkedIn.
LinkedIn security was breached when the passwords were leaked for around 6.5Mn of its users. Considering the total user base to be in approx 160Mn range, the whole of the user base wasn't at risk; but the issue is still a very high importance one.The reports came out on Wednesday when the leaked passwords were posted on a Russian web forum, with a message that was encouraging other hackers to help in decrypting the hashed passwords.
Members whose passwords were compromised were reported to have received mails that asked them to confirm their mail ids. The link in the mail obviously didn't take them to LinkedIn' site, rather a site selling counterfeit drugs. However these users have been told that they will receive information through email on how to change the password, but the mail will be without any links. Analysts however reports that the number of users whose passwords were compromised may even be larger than what is actually reported. They say that since any password that was leaked may be used by more than one LinkedIn member, seems to make sense!
The passwords (minus the usernames) were posted on the Russian web forum by the user who hacked the security system. The passwords were encrypted with the SHA-1 cryptographic hash function, that are generally considered relatively secure. However it also means that passwords are stored as unsalted hashes, making it much easier to decipher them using precomputed rainbow tables. While a few may have been arguing about the seriousness of the reports, LinkedIn seems to have acknowledged the same on their Twitter account.
As a safe guard, even if your password is not hacked and you are not one of those 6.5Mn or whatever the actual number may be, its a good idea to actually change your password. And since we are on the 'change password' topic, why not do it for all other accounts where you may be using the same password as that of LinkedIn. Be advised that the hackers after possessing your passwords have equal or may be more chance of attacking other online accounts of yours just to check if they could get in.
Oh and by the way the mobile calendar app issue that we talked about right at the start, it seems the updated version for the Android devices is already available on the Google play store. So update your app manually if it hasn't been on the auto update. As for the iOS version, it seems that the update is available but waiting on Apple' own approval for now.
LinkedIn security was breached when the passwords were leaked for around 6.5Mn of its users. Considering the total user base to be in approx 160Mn range, the whole of the user base wasn't at risk; but the issue is still a very high importance one.The reports came out on Wednesday when the leaked passwords were posted on a Russian web forum, with a message that was encouraging other hackers to help in decrypting the hashed passwords.
Members whose passwords were compromised were reported to have received mails that asked them to confirm their mail ids. The link in the mail obviously didn't take them to LinkedIn' site, rather a site selling counterfeit drugs. However these users have been told that they will receive information through email on how to change the password, but the mail will be without any links. Analysts however reports that the number of users whose passwords were compromised may even be larger than what is actually reported. They say that since any password that was leaked may be used by more than one LinkedIn member, seems to make sense!
The passwords (minus the usernames) were posted on the Russian web forum by the user who hacked the security system. The passwords were encrypted with the SHA-1 cryptographic hash function, that are generally considered relatively secure. However it also means that passwords are stored as unsalted hashes, making it much easier to decipher them using precomputed rainbow tables. While a few may have been arguing about the seriousness of the reports, LinkedIn seems to have acknowledged the same on their Twitter account.
As a safe guard, even if your password is not hacked and you are not one of those 6.5Mn or whatever the actual number may be, its a good idea to actually change your password. And since we are on the 'change password' topic, why not do it for all other accounts where you may be using the same password as that of LinkedIn. Be advised that the hackers after possessing your passwords have equal or may be more chance of attacking other online accounts of yours just to check if they could get in.
Oh and by the way the mobile calendar app issue that we talked about right at the start, it seems the updated version for the Android devices is already available on the Google play store. So update your app manually if it hasn't been on the auto update. As for the iOS version, it seems that the update is available but waiting on Apple' own approval for now.
Post Credit
A Social Media Strategist at Quick Seo Results, Aiko is a passionate social media marketer. She loves to roam around the digital world. Currently lives in Philippines.
Circle her on Google plus to stay in touch with her posts and all day to day updates and here is her business page on Facebook !!
A Social Media Strategist at Quick Seo Results, Aiko is a passionate social media marketer. She loves to roam around the digital world. Currently lives in Philippines.
Circle her on Google plus to stay in touch with her posts and all day to day updates and here is her business page on Facebook !!
0 comments:
Post a Comment