Tags: LinkedIn | Passwords | Stolen | security

Security Experts: LinkedIn Passwords May Have Been Stolen

Wednesday, 06 June 2012 01:17 PM EDT

Computer security experts in the United States and Europe warned they have uncovered evidence that the social networking site LinkedIn has suffered a data breach that compromised the passwords of an unknown number of its users.

LinkedIn said via Twitter early on Wednesday that it was "unable to confirm" that a security breach had occurred. "Our team continues to investigate," the Tweet said.

Officials with the professional networking site could not be reached to elaborate.

Computer security experts discovered files with some 6.4 million scrambled passwords on Tuesday, which they originally suspected belong to LinkedIn members because some of the passwords included the phrase "LinkedIn," said Graham Cluley, a senior technology consultant with British computer security software maker Sophos.

When Sophos dug further, it turned out that other passwords found in the list belonged to Sophos employees who only used them to secure their LinkedIn accounts, he said. But it is possible that all or just some of those 6.4 million passwords belong to LinkedIn members, Cluley added.

The data was found on underground websites where criminal hackers frequently exchange stolen information, including scrambled passwords.

The files only included passwords and not corresponding email addresses, which means that people who download the files and unscramble the passwords will not easily be able to access any accounts with compromised passwords.

Yet analysts said it is likely that the hackers who stole the passwords also have the corresponding email addresses and would be able to access the accounts.

Marcus Carey, security researcher at Boston-based Rapid7, said he was "highly confident" that LinkedIn had been the victim of a serious breach, based on his analysis of the data posted on the forums.

He said he believed the attackers had been inside LinkedIn's network for at least several days, based on the type of information stolen and quantity of data released.

"While LinkedIn is investigating the breach, the attackers may still have access to the system," Carey warned. "If the attackers are still entrenched in the network, then users who have already changed their passwords may have to do so a second time."

Security software maker F-Secure of Finland warned LinkedIn customers to be on the lookout for scam emails that might be sent to them using data stolen from the social networking site.

"Will happen," F-Secure Chief Research Officer Mikko Hypponen said via Twitter. A federal judge ordered the U.S. Food and Drug Administration to reconsider two public petitions to restrict the use of certain antibiotics in animal feed, court filings showed.

The ruling, filed on Friday, marks a second key setback for the FDA amid growing criticism that overuse of antibiotics in animal feed is endangering human health by creating antibiotic-resistant bacteria.

The company was co-founded by former PayPal executive Reid Hoffman in 2002 and makes money selling marketing services and subscriptions to companies and job seekers.

© 2024 Thomson/Reuters. All rights reserved.

Wednesday, 06 June 2012 01:17 PM
Newsmax Media, Inc.

Sign up for Newsmax’s Daily Newsletter

Receive breaking news and original analysis - sent right to your inbox.

(Optional for Local News)
Privacy: We never share your email address.
Join the Newsmax Community
Read and Post Comments
Please review Community Guidelines before posting a comment.
Get Newsmax Text Alerts

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

© Newsmax Media, Inc.
All Rights Reserved
© Newsmax Media, Inc.
All Rights Reserved