Data breaches can have a lasting effect for many users when a company is compromised. In 2012, LinkedIn experienced a data breach where it estimated 6.5 million encrypted password were posted online. Now, Motherboard has reported that it was much worse than originally announced. The account information of 117 million LinkedIn users is now up for sale online.
Personal information for sale
A hacker by the name "Peace" is selling the data on the dark web illegal marketplace, The Real Deal, for 5 bitcoin–about $2,200. While the passwords and emails are from 2012, many users still use the same information to log into their online accounts.
LinkedIn posted on their blog that it has demanded the involved parties cease making stolen password data available and is evaluating legal action if they fail to comply.
There is no indication that any new security breaches have occurred since the 2012 hack, but LinkedIn users are urged to change any account passwords that were shared or connected to their LinkedIn profiles.
LinkedIn posted a statement in response, "We have begun to invalidate passwords for all accounts created prior to the 2012 breach that haven't updated their password since that breach. We will be letting individual members know if they need to reset their password."
Updating your password for your LinkedIn account and other websites you used the same password on, may help deter hackers from accessing your information. Changing your password every three to six months and not reusing old passwords are just two steps you can take to help protect yourself. Avoid reusing the same passwords for different accounts, because if a hacker gains access to one password they could compromise other online accounts.
LinkedIn also offers a two-factor authentication security feature that will require an additional code for every log in. If you choose to add this level of security, you'll be asked to add a cell phone number to your LinkedIn account in the Privacy & Settings tab. The number will be used to send a verification code that will change each time you attempt to log in.
If you're concerned about the impact that data breaches can have on you identity, consider ways in which you can not only protect your information, but also recognize identity theft. You can also learn more in our recent article, What You Need to do After a Data Breach, to learn more about how you can help protect your identity.