A user on a Russian forum has claimed to have downloaded 6.46 million user hashed passwords from LinkedIn.
It looks as though some of the weaker passwords — around 300,000 of them — may have been cracked already. Other users have been seen reaching out to fellow hackers in an apparent bid to seek help in cracking the encryption.
Finnish security firm CERT-FI is warning that the hackers may have access to user email addresses also, though they appear encrypted and unreadable.
A source said they had searched and discovered their password in the cache. It has been reported that the passwords were encrypted using the SHA-1 algorithm — which is known for its flaws — but unless a password is weak, it may take a while to decrypt the remaining cache.
LinkedIn has more than 150 million users worldwide. This apparent hack could affect less than 10 percent of its user base, but it will strike a damaging blow to the ‘professional’ social network’s reputation.
It is advised users change their passwords as a precautionary measure.
LinkedIn said it was “looking into reports of stolen passwords” on its official Twitter account.
It looks as though some of the weaker passwords — around 300,000 of them — may have been cracked already. Other users have been seen reaching out to fellow hackers in an apparent bid to seek help in cracking the encryption.
Finnish security firm CERT-FI is warning that the hackers may have access to user email addresses also, though they appear encrypted and unreadable.
A source said they had searched and discovered their password in the cache. It has been reported that the passwords were encrypted using the SHA-1 algorithm — which is known for its flaws — but unless a password is weak, it may take a while to decrypt the remaining cache.
LinkedIn has more than 150 million users worldwide. This apparent hack could affect less than 10 percent of its user base, but it will strike a damaging blow to the ‘professional’ social network’s reputation.
It is advised users change their passwords as a precautionary measure.
LinkedIn said it was “looking into reports of stolen passwords” on its official Twitter account.

 
0 comments:
Post a Comment