Wondering if that LinkedIn password e-mail is real? Read on.

Security Management Magazine by Megan Gates

LinkedIn is invalidating passwords for all accounts created before 2012 following the disclosure that 100 million members’ passwords may have been compromised.

In a post on the social network’s blog, LinkedIn confirmed that in 2012 it was the victim of an unauthorized access and disclosure of 6.5 million of its users’ passwords.

“At the time, our immediate response included a mandatory password reset for all accounts we believed were compromised as a result of the unauthorized disclosure,” the blog post said. “Additionally, we advised all members of LinkedIn to change their passwords as a matter of best practice.”

On Tuesday, however, LinkedIn became aware that an additional set of data that has been released claims to be e-mail and hashed password combinations of more than 100 million LinkedIn members from the 2012 theft.

The data is reportedly for sale on a dark web market called The Real Deal by the dealer Peace, who is selling the data for 5 Bitcoin (approximately $2,200), according to Forbes.

Due to this new development, LinkedIn began invalidating passwords on Wednesday for all accounts created before the 2012 breach that have not updated their password.

“We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will continue those members to reset their passwords,” the blog post explained. “We have no indication that this is as a result of a new security breach.”

LinkedIn said it will be notifying individual users if they need to reset their password. “However, regularly changing your password is always a good idea and you don’t have to wait for the notification,” it explained.

To change your password on LinkedIn, follow the below instructions:

Login to your LinkedIn account
Move your cursor over your photo in the top right of your homepage and select Privacy & Settings
Select the Account tab at the top of the page
Under the Basics section, click Change next to Change Password
Enter your old password, type your new password, and then type it again to confirm it. (Passwords are case sensitive and must contain at least six characters.)
Select the checkbox if you’d like to automatically be signed out of all sessions once you change your password
Click Save

Author: Gregory Schmidt, CPP, PSP, CHSS

Gregory M. Schmidt, CPP, PSP, CHSS of Eagle/ Trident Security is board certified in Security Management, Physical Security, and Healthcare Security supervision. He has over thirty years of experience developing dynamic security programs, plans and policies for businesses in Indiana, Kansas and Florida. His conversation-style personal safety seminars are highly regarded and always in demand. Mr. Schmidt is a member of ASIS International, the International Association for Healthcare Security & Safety and the American Society for Healthcare Engineering. View all posts by Gregory Schmidt, CPP, PSP, CHSS

The Author

Gregory M. Schmidt, PSP, CHS-I of Eagle/ Trident Security is a board certified Physical Security Professional and is certified in Homeland Security. He has over thirty years of experience developing dynamic security programs, plans and policies for businesses and healthcare facilities in Indiana and Florida. His conversation-style personal safety seminars are highly regarded and always in demand. Mr. Schmidt is a member of ASIS International, the International Association for Healthcare Security & Safety, the American Board for Certification in Homeland Security, and the American Society for Healthcare Engineering.

Greg can be reached at greg@eagletrident.com or 317/ 573-6799.

Share this:

Like this:

Related

Author: Gregory Schmidt, CPP, PSP, CHSS