LinkedIn Notifies Users of Data Breach
Yesterday, LinkedIn sent users an email in response to a May 17 report that user login information was for sale on the dark web.
The data, which had been stolen in a 2012 hack, includes member email addresses, hashed passwords and LinkedIn member IDs.
The email says that LinkedIn immediately invalidated the passwords of all LinkedIn accounts they believed were at risk. This included users who had been members since before 2012 and who had not changed their passwords since the breach.
In addition to invalidating passwords, LinkedIn said they “are using automated tools to attempt to identify and block any suspicious activity that might occur on LinkedIn accounts. We are also actively engaging with law enforcement authorities.”
The company also claims to have strengthened security since the 2012 breach by moving to “salted hashes” to store passwords and offering members a two-step verification process.
In the email, the company said that to maintain account security, members should use strong passwords and consider shifting to two-step verification.
If you want to know if your data may have been compromised in this attack, you can visit Have I Been Pwned? Simply enter your email address, and you can learn if your information has been compromised.