Yesterday news came out that 6.5 million LinkedIn passwords were leaked in a Russian forum when the alleged hacker bragged about his efforts. It wasn’t clear though if the usernames of the acquired passwords were also taken but some believe that they have been. LinkedIn released a statement on their blog yesterday confirming the breach and installed advanced security measures to protect uncompromised accounts, and those compromised accounts who were quick to change their passwords.
The following was taken from LinkedIn Director Vicente Silveira’s post::
We are continuing to investigate this situation and here is what we are pursuing as far as next steps for the compromised accounts:
- Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
- These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in this email. Once you follow this step and request password assistance, then you will receive an email from LinkedIn with a password reset link.
- These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.
LinkedIn is not the only one with breached user accounts this week as eHarmony, the online dating site, reported that 1.5 million of their user accounts were compromised. Security experts discovered scrambled files with passwords for millions of online accounts.
Like LinkedIn, eHarmony declined to give the specific numbers of compromised accounts and stated that they are continuing their investigation. eHarmony reset the passwords of the compromised accounts and those members with the breached accounts will be receiving an e-mail from them informing them of the password change and instructions on how to reset their passwords.
eHarmony recommends the following steps for their users:
- Create a strong password of at least 8 characters, composed of lowercase and uppercase letters, numbers and symbols
- Create different passwords for each of the Internet sites you use
- Change your passwords every few months