If you're one of the 400 million people with a LinkedIn account, you won't believe this. You need to act fast to protect your personal information.
Your email address and LinkedIn password could be for sale on the dark web. A hacker is trying to sell 117 million passwords for just $2,200.
Worse, LinkedIn knew about the breach for years and hasn't done much to warn you about it. Incredibly, this breach occurred in 2012, but the massive scope of it is just now coming to light.
In 2012, it was believed that fewer than 7 million LinkedIn passwords were stolen in a huge data breach. LinkedIn confirmed the breach and started forcing users to create new passwords.
Now that those 117 million passwords are for sale, LinkedIn says it is taking action, without revealing if they've known about the size of the breach all these years. (See LinkedIn letter below.)
In that letter, LinkedIn refers to "salting" and "hashing." Those are two steps used to encrypt, or securely lock your information so hackers can't get in. It's believed that, in 2012, LinkedIn's encryption used only one of those steps.
Unfortunately, a lot of people affected by this breach used passwords that are super easy for hackers to guess. Actually, anyone can guess the breached passwords.
Try this: Can you guess the most common LinkedIn password?
Answer: Among the breached data, it's "123456". Unbelievably, more than 64 percent of the stolen passwords were simply "123456".
The next most common password in the breach? Number two was "linkedin" followed by "password" at number three. Note: Keep reading for two simple tips to create a super-secure password.
Here's LinkedIn's letter:
How to stay safe:
- Don't make these five password mistakes (read more here): 1) too short, 2) too simple, 3) not unique, 4) write it down, 5) never change it
- Get a password manager. We recommend a program called Keepass.
Creating long, complicated passwords is easy, but remembering them is a bit more complicated. You've got online passwords for your banks, your credit cards, your investment funds and much more.
However, Keepass makes it easy to safely store and retrieve your passwords whenever you need them.