Hacker Puts 117m User Credentials from Linkedin Up for Sale on Dark Web

A hacker asserting he possesses the credentials of several million members of LinkedIn has started campaigning sale of the data on the Internet. The overtly long catalogue of usernames/passwords that the hacker apparently obtained through an assault against the professional social-networking website 4-yrs back is getting touted via the Dark Web, an area of the Web that can't be accessed through usual browsers while frequently serves as a platform to carry out illegal operations.

As per Motherboard a news website, one hacker calling himself "Peace" has posted all details about 117m members of LinkedIn on The Real Deal a darknet marketplace at the cost of 5 Bitcoins, the crypto-currency valuing 1,500 pounds.

Peace spoke to Motherboard while substantiated that the login credentials were from a hack of 2012 -suggesting that LinkedIn didn't let it go public how widely the breach had spread during the time. Thenextweb.com posted this, May 18, 2016.

Additionally according to Peace, whilst most of the stolen passwords were hashed/encrypted using SHA1 algorithm, 90%-or-more had already been deciphered. Motherboard itself too verified the passwords and electronic mail ids of a few impacted users.

A victim told the news site it was his current password that belonged to the list, albeit he altered to a fresh one immediately after becoming aware of the hack.

Meanwhile, LinkedIn Corp., of Mountain View, California that boasts of 400m members within two hundred nations and territories globally, stressed that there wasn't any sign of one fresh data-hack.

According to the company, it was working for figuring out just what total number of the listed user passwords continued to be utilized as also was proceeding towards resetting them while informing the said users.

Security specialists state this kind of incident rightly reminds that people must change their passwords often, ideally after some months every time, so that during surfacing of any hijacked information long afterwards, like within the current instance, users wouldn't get too worried.

Had LinkedIn made known the actual effect of the data-hack, people would've adopted the essential measures for protecting their accounts as also eschewed reapplying the same password for other A/Cs as that of LinkedIn.

» SPAMfighter News - 5/25/2016