Time to Change Your LinkedIn Passwords! 117 Million Credentials Have Been Breached.
In 2012, LinkedIn suffered a data breach of six million user account names and passwords. Apparently, that breach is extremely larger than originally reported.
A Russian hacker going by the name of “Peace” has claimed responsibility for the 2012 hack. This hacker has now resurfaced, and instead of just the six million credentials, he is selling a whopping 117 million credentials on the Dark Web acquired from that same breach.
This hacker waited four years to release the data on the black market.
This just goes to show how important it is to use strong and unique passwords for each service and not to re-use passwords. Hackers tend to rely on repeat password usage and will try to break into other accounts with the credentials obtained from the breach. It can be a cumbersome task to have to remember so many unique passwords, however, with Norton Identity Safe, you can eliminate that hassle. The app will securely store your passwords and automatically log you in to the sites you visit.
It’s entirely possible to have your information breached without you knowing about it. Usually, with data breaches, hackers tend to hold on to the information for months, and in this case, years, in order to evade detection from law enforcement and not draw any suspicion from the breached users.
According to a statement from LinkedIn, the new data released is indeed legitimate, working credentials and "LinkedIn is invalidating passwords and is letting members know how to reset."
What to do to stay safe:
If you have a LinkedIn account, change your password immediately! Even if you don’t think you’re affected- there’s no way of completely verifying that.
You can reset your password for LinkedIn here: https://www.linkedin.com/psettings/change-password
In addition to changing your passwords, it’s an excellent idea to turn on Two-Factor Authentication, which LinkedIn provides. Two-Factor Authentication adds an extra layer of security to your account, usually be sending a text code to a device you own, and the hacker does not have access to.