Slashdot Mirror

← Back to Stories (view on slashdot.org)

LinkedIn User? Your Data May Be Up For Sale (zdnet.com)

Posted by msmash on from the another-day,-another-hack dept.

An anonymous reader cites a ZDNet report: Reports indicate that a LinkedIn data breach may have led to the sale of sensitive data belonging to 117 million users. The company's website experienced a data breach in 2012, but the true consequences of the breach are only now becoming apparent. Users of LinkedIn's website in 2012 discovered that roughly 6.5 million user account passwords were posted online, and the company never completely confirmed just who was impacted by the security incident. However, a hacker called "Peace" told the publication that this information is being sold on the dark web for roughly $2,200, and paid hacker data search engine LeakedSource also claims to have the data. Both sources say there are approximately 167 million accounts in the data dump, 117 million of which have both emails and encrypted passwords.LinkedIn has acknowledged the breach. In a blog post, the company writes: Yesterday, we became aware of an additional set of data that had just been released that claims to be email and hashed password combinations of more than 100 million LinkedIn members from that same theft in 2012. We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords. We have no indication that this is as a result of a new security breach.

2 of 72 comments (clear)

  1. Not a big deal... by __aaclcg7560 · · Score: 5, Funny

    Hackers already got my background investigative interview file from the government. LinkedIn data will confirm my employment dates.

  2. No shit sherlock by BitZtream · · Score: 5, Insightful

    If you're a linked in user, YOUR DATA IS UP FOR SALE

    Its in the terms and conditions. They've been doing it since day one, its their business model, its well known.

    Now you're concerned that someone else stole it and is selling it?

    You put the data on a public website with the intention of showing it to others. There is no reason for you to be doing anything on linked in that you do not intend to be public.

    How can they 'steal' data that you are intentionally begging people to take? Thats the point of linked in to its users, YOU WANT PEOPLE TO 'STEAL YOUR DATA' on linked in.

    Do you guys get shocked when you write your name and phone number on the bathroom wall and then random people call you? Thats how stupid this story is.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager