LinkedIn, the professional networking site now has millions of users’ credentials in the public domain. These credentials from the beginning of this decade are up for sale on the deep web.
Nothing is private or secure on the internet. Whether it is your photos stored on a cloud platform, credit card information, banking details or login credentials for your mail and social media accounts. If they are not compromised already, then they may get stolen anytime. The same thing happened with LinkedIn few years ago. But who knew that the user data stolen way back in 2012 will return to bite them in the back.
According to the reports, over 117 million email ids and passwords belonging to LinkedIn users are now up for sale on the deep web. These details were allegedly stolen by a hacker/hacking group going by the name of ‘Peace’. LinkedIn had a security breach in 2012, in which the hackers had posted about 6.5 million encrypted passwords belonging to the platform’s users on the public domain. However, that was thought to be the end of it, as hackers, at that time, didn’t bother to post any more of the stolen information. Even LinkedIn decided not to divulge any details regarding the total number of compromised accounts, or how the hacker managed to steal information for the platform.
Now, with Peace deciding to sell the stolen credentials on ‘The Real Deal’, a crypto marketplace on the deep web, those interested to lay their hands upon the data can do so at the cost of 5 bitcoins. The online criminal reportedly communicated with one of the tech sites, and mentioned that over 167 million credentials were stolen during the breach and out of the 167 million, 117 million of them also included passwords.
While it is highly possible that most of the users have already changed their credentials since the attack, but there are a considerable number of people who have never bothered to do so. Motherboard reports that the security engineers at LinkedIn have verified the stolen credentials currently up for sale and confirmed that they indeed belong to their users and are part of the information stolen during the 2012 security breach.
Every year, millions of users have their personal information stolen from various platforms. Recently, users of Ashley Madison, an online networking, and dating portal had their information stolen due to a massive hack. The hackers, armed with their information had blackmailed the victims, demanding ransom in bitcoin. It is in the best interests of the individuals to keep their online identity secure. The best practice is to use complex words along with digits and symbols as passwords instead of simple, easily identifiable ones.
Those using LinkedIn, better change the passwords right away to prevent the account from being hacked.
Ref: Motherboard Image: NewsBTC