This week some LinkedIn member passwords were compromised, said, Vicente Silveira, Director of LinkedIn, in a statement on the site. Approximately 6.5 million hashed LinkedIn passwords were posted on a hacker site. Unfortunately, a small subset of the hashed passwords were decoded and published.
Silveira doesn't think email logins associated with the passwords have been published. He said there's been no evidence of unauthorized access to anyone's account.
LinkedIn invalidated some passwords and contacted those members with a message to let them know how to reset their passwords. I changed my password and made it stronger.
As a precautionary measure, LinkedIn is disabling the passwords of any other members they believe could potentially be affected. Those members are also being contacted by LinkedIn with instructions on how to reset their passwords.
I'm glad LinkedIn has made this public and informed us about what they are doing to protect us. Secrets never help an agency save face. They are working to correct the security problems and it helps us realize we may be slack in looking out for ourselves.
LinkedIn suggests we:
- Make sure to update our password on LinkedIn (and any site we visit on the Web) at least once every few months.
- Do not use the same password for multiple sites or accounts.
- Create a strong password for your account, one that includes letters, numbers, and other characters.
- Watch out for phishing emails and spam emails requesting personal or sensitive information.