LinkedIn hack : 117 million email ids and passwords are being offered for sale on underground forums on Dark Web
A hacker known as ‘Peace’ has put up 117 million LinkedIn users email addresses and passwords for sale on the Dark Web underground forum. According to Motherboard the email ids and passwords Peace is trying to sell was stolen from the professional networking site in 2012.
In 2012, LinkedIn was hacked and at that time hackers had leaked 6.5 million encrypted passwords online. At that time, security experts had suspected that the hackers may have stolen much more than 6.5 million user ids and passwords. Now with this sale offer of 117 million login credentials, their fears have come true.
Leaked Source, a professional search engine for hacked data, has also claimed to have gotten their hands on the data. A representative of Leaked Source as well as the hacker, both say that of the 167 million hacked accounts in the database, 117 million have both the emails as well as encrypted passwords.
Things about the LinkedIn breach:
– Dates to 2012
– SHA1 with no salt (I believe it's changed since)
– Weak passwords will be easily cracked
— Troy Hunt (@troyhunt) May 18, 2016
“It is only coming to the surface now,” said the Leaked Source representative. “People may not have taken it very seriously back then as it was not spread. To my knowledge the database was kept within a small group of Russians.”
Users may kindly note that during the 2012 data breach, LinkedIn had accepted the hack took place but never clarified exactly how many users were affected.
Motherboard quoted a LinkedIn spokesman as saying the company was “looking into the incident”.