LinkedIn is investigating reports that millions of user passwords have been breached and posted on a Russian hacker forum.
The post allegedly contains a file that lists roughly 6.45 million SHA-1 hashed but unsalted passwords of LinkedIn users. Usernames were not included.
“We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts,” blogged Vicente Silveira, director at LinkedIn.
“We are continuing to investigate this situation, and here is what we are pursuing as far as next steps for the compromised accounts: Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid. (Read More)