icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
18 May, 2016 21:55

Hacker offers 117 million LinkedIn login details for sale on Darknet

Hacker offers 117 million LinkedIn login details for sale on Darknet

Email addresses and passwords for over 100 million LinkedIn members have been put up for sale on the Darknet by the same hacker who stole the data from the site in 2012.

LinkedIn has admitted that the 2012 hack was significantly worse than previously thought since the new data dump emerged.

The company has advised all members to change their passwords as they take steps to contact members whose data has been compromised and invalidate the passwords of affected accounts.

Hackers gained access to the site in 2012 and posted 6.5 million encrypted passwords on a Russian hacker forum, but email addresses were not included in that dump.

The passwords from both releases were encrypted with “no salt,” making them easier to crack.

A salt is a random number that is needed to access encrypted data, along with a password.

READ MORE:‘Fireme’: Leaked LinkedIn passwords reveal dubious job satisfaction 

The hacker who released the data goes by the name of Peace. He is selling the information on a Darknet marketplace called The Real Deal for 5 bitcoin (around $2,200), according to Motherboard.

The search engine LeakedSource, which sells hacked data, also claims to have obtained the contents of the data dump, and asks affected users to contact them if they wish to be removed from their list.

Both LeakedSource and Peace claim that there are 167 million accounts in the hacked database, 117 million of those include both emails and encrypted passwords, Motherboard reports.

Security researcher Troy Hunt told Motherboard that he had spoken with some of the users affected by the leak.

A $5 million lawsuit was filed against Linkedin in the wake of the 2012 hack, blaming the company for its outdated security measures.

LinkedIn reminded users in its Wednesday statement that it now salts every password and urged members to use two-factor authentication.

Podcasts
0:00
25:26
0:00
14:40