Leave a comment

If you use LinkedIn, you have to read this warning

If you use LinkedIn, you have to read this warning

One of the biggest problems with data breaches is that it's difficult to measure the full effect of the fallout. Sometimes data breaches occur for months before they're detected. And even after they're detected, the scammers have collected a wealth of information that they can use for other scams.

This news story is evidence of how data breaches can cause problems long after they've been "controlled."

Back in 2012, LinkedIn fell victim to a massive data breach where passwords and logins were compromised. The issue was believed to have been contained, but recent reports indicate the situation was much larger than originally thought. Last week, investigators discovered that the breach impacted 117 million people - a number which is much higher than the seven million people originally reported. If you missed that story, you can read it here.

Now, it's believed that the information which was stolen from LinkedIn back in 2012 is causing an even bigger problem. The information has been sold online, and is leading to new scams.

In an effort to warn users about the possibility of new scams, LinkedIn issued the following email.

Sent: Wednesday, May 25, 2016 2:13:27 PM
Subject: Important information about your LinkedIn account
 

LinkedIn
Notice of Data Breach
You may have heard reports recently about a security issue involving LinkedIn. We would like to make sure you have the facts about what happened, what information was involved, and the steps we are taking to help protect you.
What Happened?
On May 17, 2016, we became aware that data stolen from LinkedIn in 2012 was being made available online. This was not a new security breach or hack. We took immediate steps to invalidate the passwords of all LinkedIn accounts that we believed might be at risk. These were accounts created prior to the 2012 breach that had not reset their passwords since that breach.
What Information Was Involved?
Member email addresses, hashed passwords, and LinkedIn member IDs (an internal identifier LinkedIn assigns to each member profile) from 2012.
What We Are Doing
We invalidated passwords of all LinkedIn accounts created prior to the 2012 breach that had not reset their passwords since that breach. In addition, we are using automated tools to attempt to identify and block any suspicious activity that might occur on LinkedIn accounts. We are also actively engaging with law enforcement authorities.
LinkedIn has taken significant steps to strengthen account security since 2012. For example, we now use salted hashes to store passwords and enable additional account security by offering our members the option to use two-step verification.
What You Can Do
We have several dedicated teams working diligently to ensure that the information members entrust to LinkedIn remains secure. While we do all we can, we always suggest that our members visit our Safety Center to learn about enabling two-step verification, and implementing strong passwords in order to keep their accounts as safe as possible. We recommend that you regularly change your LinkedIn password and if you use the same or similar passwords on other online services, we recommend you set new passwords on those accounts as well.
For More Information
If you have any questions, please feel free to contact our Trust & Safety team at tns-help@linkedin.com. To learn more visit our official blog.

 

This email is actually legitimate. The problem is that scammers have also noticed that the email is being sent out, and are now creating counterfeit emails.

These fake emails prompt users to update their account login information, including their password and the answers to their security questions. The scam is, of course, a phishing scam that is designed to trick you.

Please help us spread this word of warning to anyone who uses LinkedIn. If you receive an email from LinkedIn regarding the leak of this information, do not click on anything. It's best to update your login credentials by going to the LinkedIn site directly.

Use the buttons below to share this article with your family and friends.

Next Story
Source: FileHippo
Time warp: iPhone found in 350-year-old painting
Previous Happening Now

Time warp: iPhone found in 350-year-old painting

Toyota recalls another 1.6 million cars
Next Happening Now

Toyota recalls another 1.6 million cars

View Comments ()