If you created a LinkedIn account prior to 2012 and have not changed the password since, your account might at risk. Your email ids and hashed passwords may be up for grabs online as the hackers that stole the data in a 2012 attack threaten to publish the data.
Security experts ask such users to immediately change their passwords to protect their sensitive data. They say having a two-step verification for their accounts would be a good idea to be safe.
A cyber attack on LinkedIn database, stealing millions of passwords and threatening to publish the data online has sent shockwaves among the users. The experts asked the users to immediately change their passwords and use different passwords for different networking sites.
With reports on stolen data being published, LinkedIn has stepped into taking damage control action. “We took immediate steps to invalidate the passwords that might be at risk,” it informed the users in an email.
LinkedIn has swung into action and reached out to its users, informing them about the four-year-old data breach and hackers’ attempt to publish the stolen data online. “We’ve finished our process of invalidating all passwords we believed were at risk. These were accounts that had not reset their passwords since the 2012 breach. We will soon be sending more information to all members that could have been affected, even if they’ve updated their password,” the site said.
Nilesh Jain, Country Manager (India and SAARC) of security solutions firm Trend Micro, points out that cyber security is something you can’t ignore anymore.
“Such breaches certainly make you question every platform on the web and calls for everyone to be extra careful about the passwords they chose and the security solution they use,” he said. “Passwords are here to stay for quite some time in spite of the innumerable weaknesses that has been reported against this weak form of authentication. While we can talk about more modern and more sophisticated forms of authentication, we also have to simultaneously re-look into the approach that we are taking to safeguard digital identity and its usage,” Sudeep Das of RSA said.
Automated toolsLinkedIn said it was using automated tools to attempt to identify and block any suspicious activity that might occur on some accounts. It also said it has strengthened security mechanism to pre-empt further attacks.