LinkedIn Breach Data Leaked

Back in 2012, LinkedIn lacked some basic security requirements around password security and as a result, they were breached, data was stolen, and LinkedIn and most of the Internet media sites warned users to change their passwords. LinkedIn even enabled two-factor authentication for those who wanted to enroll in it.

The number of records stolen was greater than 100 million. The problem with a number that large is that many would not have seen the warnings about the breach and some don’t see the importance of having diverse passwords, know how to change their passwords, or know if they should care to change their passwords.

A hacker has come forward recently, pseudo-anonymously, named “Peace” who has claimed it was he (or she) and the data is up for sale on the darkweb for the low price of 5 bitcoins ($2,200 USD)… probably because some of the data is older and could be unusable.

It’s important to have diverse passwords, a different one for different services and accounts that are used. Sites, based on their content, will have different security requirements and will protect authentication data differently. A compromise of your credentials on a weak site can lead to the compromise of your account on a stronger site.

If a website offers two-factor or two-step verification, opt for it! It’s inconvenient, but much less likely that  your account will be compromised.

This entry was posted in Security Blog and tagged , , , , , , , , , , , , , . Bookmark the permalink.