LinkedIn confirms passwords were ‘compromised’

LinkedIn said today that some passwords on a list of allegedly stolen hashed passwords belong to its members, but did not say how its site was compromised.

“We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts,” Vicente Silveira, a director at the professional social networking site, wrote in a blog post.

LinkedIn has disabled the passwords on those accounts, it said. Account holders will receive an e-mail from LinkedIn with instructions for resetting their passwords. The e-mails will not include any links. Phishing attacks often rely on links in e-mails that lead to fake sites designed to trick people into providing information, so the company says it will not send links in e-mails.

Affected account holders will then receive a second e-mail from LinkedIn customer support explaining why they need to change their passwords.

Earlier this morning, LinkedIn had said it found no evidence of a data breach, despite the fact that LinkedIn users were reporting that their passwords were on the list.

Related stories

More to come…

Related Links:

LinkedIn’s app transmits user data without their knowledge

Hackers claim breach of China Telecom, Warner Bros. networks

Thousands of Twitter passwords exposed

The guide to password security (and why you should care)

Startup whisperer Reid Hoffman thinks social is still big

via CNET Latest News

Lascia un commento