Millions of users of the social networking site LinkedIn have been told to reset their passwords after security information was stolen.
IT security and data protection firm Sophos said the leaked encrypted data does not include associated email addresses but warned that hackers will be working to crack the "unsalted" password hashes and "it is reasonable to assume that such information may be in the hands of the criminals".
Social networking website LinkedIn has provided these security tips following the reported theft of almost 6.5 million passwords. See the full statement here.
- Never change your password by following a link in an email
- Change your account passwords every few months
- Don’t use the same password on all the sites you visit
- Don’t use a word from the dictionary
- Never give your password to others or write it down
LinkedIn has provided an update on the reported theft of almost 6.5 million passwords. The social media website said it is "continuing to investigate" but that it has put measures in place for "the compromised accounts". A statement said:
Users affected by the theft will find that their password is no longer valid. They will receive an email explaining how to reset their passwords, but are warned not to do this by following any links in emails. LinkedIn did not say how many accounts were compromised.
Experts are advising LinkedIn users to watch out for scam emails that appear to be from the social networking site.
Adrian Chen from the Gawker website said the spam emails are likely to be slightly different in appearance. You should not give away any login details.
Users have also been advised to change their password to something unique, that they are not using on any other website. The nakedsecurity blog provides a guide on how to do this.
A consultant at IT security and data protection firm Sophos has said that the leak of six million passwords from LinkedIn does not include the associated email addresses.
But he warned that it is "reasonable to assume that such information may be in the hands of the criminals". He advised the following:
Social networking website LinkedIn has advised its users to "stay tuned" while it investigates reports that more than six million passwords have been stolen.
Internet experts have advised users to change their security details immediately after a file containing 6.5 million passwords was posted online.
Social networking website LinkedIn is looking into claims that the passwords of more than six million members have been stolen.
The site, which provides as social networking service for professionals, has in excess of 161 million members in more than 200 countries.
Soca have confirmed that their website continues to be offline following a hacking attempt.
A spokesman stressed that the attack did not pose any operational threat.
A Soca spokesman said the distributed denial of service attack (DDOS), which involves web addresses being hit by a flood of visits, did "not pose any security risk to the organisation".
Previous DDOS attacks have been linked to the loose-knit international "hacktivist" group Anonymous.
The Serious Organised Crime Agency (Soca) website has been taken temporarily offline after a distributed denial of service attack by computer hackers, a spokesman said today.