The 2012 LinkedIn hack caught everyone off guard with the theft of a staggering 6.5 million passwords. The issue that was presumably fixed after the business-oriented social networking platform reset all the compromised accounts have resurfaced, and this time it is much worse than anyone could have anticipated. LinkedIn announced on last Wednesday that the security breach has claimed 117 million IDs so far. The hacker who goes by the nickname “Peace” is trying to sell the login credentials on the dark web. But that is not the worst part. Since most people tend to use the same password for different accounts, hackers may gain access to their Facebook account, email, and banking details and other sensitive information.
How bad is the security breach?
The enormity and severity of this security breach are evident in the numbers itself especially when it is compared to other notable hacks of the past few years, namely the Ashley Madison hack of last year and the 2011 PlayStation Network hack. About 73% of LinkedIn’s total number of users has been victimized. In a report that was recently published on Motherboard, it was revealed that the hacker is selling the stolen login details in the illegal marketplace for five bitcoin, which is about $2,200. Two darknet websites called The Real Deal and LeakedSource reportedly have obtained the stolen data. The hacker also revealed that the hacked database has about 167 million accounts, of which about 117 million have encrypted passwords and emails.
This security breach hit home and we, at RPRNmag experienced it firsthand.Anne Howard, the editor-in-chief of RPRNmag, the business, and tech news magazine, is one of the victims of this massive LinkedIn hack. Her account was hacked, RPRNmag company page and all, and a Ukrainian imposter named “Alex” posed as the CEO of the newsmagazine. What made matters worse is LinkedIn tech support response. Anne received little to no assistance from LinkedIn support when she reported the breach. “LinkedIn left me with no option than to take down my account”, said Anne. Aside from causing grave distress among millions of users, this security breach has also marred LinkedIn’s reputation. People may start to question the integrity of their interaction on the platform, and that would prove to be fatal for the company’s future.
How is LinkedIn handling the situation?
“We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords” – stated a LinkedIn spokesperson in an interview with BBC. Experts are not at all impressed by the way the California-based company is responding to the situation. When users logged into their accounts after finding out about the incident, there was no message urging them to change their passwords immediately. And as we see in Anne Howard’s case, the customer support team wasn’t of much help either. Some users have had to wait for days before receiving the password reset email from LinkedIn. It seems as though the company was not at all prepared for such a fiasco.
What should you do?
The best way to safeguard your personal information at this point is to change your account password immediately and avoid generic passwords that are easy to guess. You should also change the password to your email and other social media accounts if they are linked to your LinkedIn account. Don’t forget to add the two-factor authentication, which means you will receive text message whenever you login to your account from a different computer.
The incident has dredged up some embarrassing flaws in LinkedIn’s old security policy. The faulty security measures make it easier for hackers to invade users’ accounts. Hopefully, the company will revise the website’s security tactics now. Stay tuned for more news and updates!