LinkedIn in '117 million users' breach
A hacker has been trying to sell 117 million LinkedIn users' emails and passwords on the dark web, which was apparently obtained from a hack in 2012.
A number of security researchers have said that that this breach looks like the real deal, with log-ins for sale on two separate hack websites.
Well, LinkedIn have decided to respond to this news, saying that "no indication that this is result of a new security breach", even though the original breach was meant to involve 6.5 million bits of data, as opposed to the 117 million which are online.
LinkedIn have said that the meant to send out a password reset notification to the accounts which have been compromised, however, most people probably missed it because they've marked all LinkedIn emails as spam because they've been pestered into oblivion.
Honestly, what's with that LinkedIn? You even send dozens of emails to people who have deleted their accounts, you weirdos.
They say: "In 2012, LinkedIn was the victim of an unauthorised access and disclosure of some members' passwords. At the time, our immediate response included a mandatory password reset for all accounts we believed were compromised as a result of the unauthorised disclosure."
"Additionally, we advised all members of LinkedIn to change their passwords as a matter of best practice. Yesterday, we became aware of an additional set of data that had just been released that claims to be email and hashed password combinations of more than 100 million LinkedIn members from that same theft in 2012."
"We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords. We have no indication that this is as a result of a new security breach."
"We take the safety and security of our members' accounts seriously. For several years, we have hashed and salted every password in our database, and we have offered protection tools such as email challenges and dual factor authentication. We encourage our members to visit our safety center to learn about enabling two-step verification, and to use strong passwords in order to keep their accounts as safe as possible."