 |
| In this May 9, 2011 file photo, LinkedIn Corp., the professional networking Web site, displays its logo outside of headquarters in Mountain View, Calif. LinkedIn said on Wednesday, June 6, 2012, it is investigating reports that more than six million passwords have been stolen and leaked onto the Internet. (AP Photo/Paul Sakuma) |
Related
articles
- Anonymous Says it Hacked Chinese Government Sites
- Multinational Swoop Nets Two Hackers: South Korea Police
- Hacker ‘Command’ Servers Seized in US: Microsoft
- Interpol Says Suspected Anonymous Hackers Arrested
- Facebook Founder’s Ode to ‘The Hacker Way’
The
professional social network LinkedIn said Wednesday some of its members’
passwords were stolen after reports said more than 6.4 million accounts were
breached.
“We can
confirm that some of the passwords that were compromised correspond to LinkedIn
accounts. We are continuing to investigate this situation,” LinkedIn director
Vicente Silveira said in a blog post.
“We
sincerely apologize for the inconvenience this has caused our members. We take
the security of our members very seriously.”
Silveira
said passwords on the compromised accounts were no longer valid, and that those
members will receive instructions on how to reset their passwords.
“There will
not be any links in these e-mails. For security reasons, you should never
change your password on any website by following a link in an e-mail,” he said.
For other
members, LinkedIn has implemented “enhanced security” for password protection,
he added.
Several
security researchers reported the breach, which resulted in data being posted
on a Russian hacker forum.
Graham
Cluley of the British security firm Sophos said the hacker posting “does
contain, at least in part, LinkedIn passwords.”
“Although
the data which has been released so far does not include associated e-mail
addresses, it is reasonable to assume that such information may be in the hands
of the criminals,” Cluley said in a blog post.
As a
result, Cluley said, “it would seem sensible to suggest to all LinkedIn users
that they change their passwords as soon as possible as a precautionary step.”
He said
users should ensure the password you use is not used on any other websites, and
hard to crack.
“If you
were using the same passwords on other websites — make sure to change them too.
And never again use the same password on multiple websites,” he said.
Jim Walter
of the McAfee Threat Intelligence Service said the breach is “a good reminder
to all internet users on the importance of maintaining an ever-changing and
complex password. A secure passphrase may be the only thing standing between
your personal data and those that wish to steal it.”
Just a day
earlier, LinkedIn was subject to criticism by a security firm for allowing too
much information to be revealed from its mobile application for Apple devices
which use the iOS platform.
“LinkedIn’s
mobile application has an interesting feature that allows users to view their
iOS calendars within the app. However, it turns out that LinkedIn have decided
to send detailed calendar entries of users to their servers,” said Adi
Sharabani and Yair Amit of Skycure Security.
This means
“highly sensitive information such as conference call details and passcodes”
could be revealed, they said in a blog.
“We do not
believe it utilized the collected information in a malicious way. However, we
are concerned by the fact it collects and sends out sensitive information about
its users, without a clear indication and consent.”
LinkedIn
claims to operate the world’s largest professional network with 161 million
members in 200 countries.
The
company, which went public last year at $45 a share, has doubled in value
despite woes about social networks. Shares closed up marginally at $93.08 on
Wednesday.
It posted a
profit of $5 million in the past quarter on revenues of $188 million.
A recent
survey showed LinkedIn is the most popular US site for posting jobs with 77
percent of openings shared there.
Agence France-Presse
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.