Hackers Steal over 6M LinkedIn Account Passwords

Hashed versions of user passwords from LinkedIn accounts have been snatched up and posted on a Russian hacker website and the group is now looking for help in extracting the actual passwords from the data.

While some LinkedIn users are confirming via Twitter that they found the encrypted version of their password in the hacked data, LinkedIn is only saying that it is looking into the reports.

LinkedIn loses 6.5 million passwordsLinkedIn loses 6.5 million passwords

LinkedIn users should change their account password even though the number of potentially compromised accounts make up less than 10 percent of service subscribers. LinkedIn passwords can be changed by logging into your account, choosing Settings from the drop down menu linked to your name in the website’s upper right corner, then clicking the Account button.

Unfortunately for LinkedIn, its headache doesn’t stop with stolen passwords. The company is also dealing with fallout from the news that its iPhone and iPad apps collect user calendar data and meeting notes as plain text.

LinkedIn responded by saying that it doesn’t store or share the information it collects, and that calendar and notes data is transmitted to its servers over a secure connection. The company also pointed out that using its synced calendar service is active only when users enable the feature.

The company also said, “We do not under any circumstances access your calendar data unless you have explicitly opted in to sync your calendar,” and added that it is dropping sync support for meeting notes with an app update that’s awaiting approval on Apple’s App Store.

[Thanks to Dagens IT for the heads up (translation)]

[Some image parts courtesy Shutterstock]