According to the lastest report over 117 million LinkedIn email addresses and passwords have been stolen and been put up for sale on the Dark Web. In 2012 LinkedIn suffered a huge data breach were more than 6 Million users accounts login details, including encrypted passwords were posted online by a Russian hacker.
The hacker, who goes by the name “Peace”, told the Motherboard reports that the data was stolen during the LinkedIn breach of 2012. At the time, only around 6.5 million encrypted passwords were posted online, and LinkedIn never clarified how many users were affected by that breach.
Peace is selling the data on the dark web illegal marketplace The Real Deal for 5 bitcoin (around $2,200). Even if a user changed their password following the 2012 hack, they could still be using the same password elsewhere on the web, leaving their accounts open to cyber criminals.
Since the passwords have been initially encrypted with the SHA1 algorithm, with “no salt,” it just took ‘LeakedSource‘, the paid search engine for hacked data, 72 hours to crack roughly 90% of the passwords. LeakedSource provided Motherboard with a sample of almost one million credentials, which included email addresses, hashed passwords, and the corresponding hacked passwords.
n 2015, Linkedin also agreed to settle a class-action lawsuit over 2012’s security breach by paying a total of $1.25 million to victims in the U.S, means $50 to each of them.
Latest posts by Unallocated Author (see all)
- The Digital Revolution: Ways to Drive Business Growth in the Private Education Sector - March 9, 2020
- Top Cybersecurity Trends In 2020 - February 20, 2020
- Microsoft Rolled Out Huge Patch Tuesday February With 99 Bug Fixes - February 14, 2020