LinkedIn Investigating Release of Over 100M Users' Data From 2012 Hack | NECN

LinkedIn Investigating Release of Over 100M Users' Data From 2012 Hack

    processing...

    NEWSLETTERS

    Getty Images, File
    In this photo illustration, the LinkedIn logo is displayed on the screen of a laptop computer on January 27, 2011, in San Anselmo, California.

    LinkedIn is aware of a set of over 100 million users' data that may have been released online by a hacker, the social media network said Wednesday.

    The password and email data that have apparently been released came to the company's attention Tuesday, Chief Information Security Officer Cory Scott wrote in a blog post. It appears the data was taken during a known security breach in 2012, after which the company required any users they believed were affected to reset their passwords.

    "We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords," Scott said Wednesday.

    The stolen passwords were hashed, a form of encryption, LinkedIn says.

    Watch: Senators Pay Tribute to Joe Biden With Speeches

    [NATL] Watch: Senators Pay Tribute to Joe Biden With Humor, Remembrances
    Vice President Joe Biden was honored with an emotional bi-partisan tribute on the Senate chamber floor on Dec. 7. 2016. Senators on both sides of the aisle were on the same page as they stepped up to express their admiration and gratitude to the outgoing vice president. An emotional Biden sat in the presiding chair during the moving tribute, which latest for more than two hours as lawmakers celebrated their colleague. (Published Thursday, Dec. 8, 2016)

    In the wake of its initial 2012 hack, which LinkedIn believed resulted in 6.5 million hashed passwords being leaked, it added an extra layer of protection called "salting."

    Motherboard reports that the hacker, who goes by the name "Peace," listed 117 million emails and passwords on a hard-to-access web marketplace for the equivalent of about $2,200. A search engine for paid hacked data also told the news agency that it acquired the data, providing a sample of almost one million credentials and claiming to have hacked nearly all of them.

    LinkedIn suggests that users enable two-step verification (which sends a text or email to a person who's logging in from an unrecognized device) and strong passwords.