Hacker sells around 117 million LinkedIn profile database on deep web

 AROUND 117 MILLION LINKEDIN PROFILE DATABASE HAS BEEN SOLD ON DEEP WEB

We all heard about LinkedIn social network which mainly concentrates on business men’s and Professional person’s . One hacker named Peace who comes to sell a LinkedIn database in Deepweb market place. This database was stolen during the LinkedIn breach of 2012.

We can note that Peace has 16 legacy sales with all being positive, bar one neutral sale. At least one of these, the final one, relates to the LinkedIn database and it is said to be ‘as described…’ The price is 4.5126 BTC and so it is by no means cheap, but given the potential uses a black hat might have for it that could be seen as a sound investment.

Leaked Source, a search engine for the hacked world, Peace is selling the data on the dark web illegal marketplace The Real Deal for 5 bitcoin (around $2,200). The paid hacked data search engine Leaked Source also claims to have obtained the data. Both Peace and the one of the people behind Leaked Source said that there are 167 million accounts in the hacked database. Of those, around 117 million have both emails and encrypted passwords.

Security vendors said the incident illustrates that security breaches can run deeper than they initially seem to do, as well as illustrating the value of login credentials – especially to social media sites – in the hands of hackers.

Whether or not current LinkedIn users should be concerned comes down to a handful of factors: did you have an account during the time of the 2012 breach, have you changed your password since, and has that password been reused on other websites?

If you’re not sure, a best practice would be to change it anyway, as well as on other critical sites where you may be using that same password such as your banking website, email, or Face book, for example.

LinkedIn says that it has increased its security measures in the years since the breach, by introducing stronger encryption, email challenges and two-factor authentication. But this hack was from an earlier era, before these protections were in place. They would also not necessarily protect users from hackers who had obtained email and password combinations.

linkedin

[click in the image to zoom]

THE FULL TEXT OF LINKEDIN’S STATEMENT IS BELOW

In 2012, LinkedIn was the victim of an unauthorized access and disclosure of some members’ passwords. At the time, our immediate response included a mandatory password reset for all accounts we believed were compromised as a result of the unauthorized disclosure. Additionally, we advised all members of LinkedIn to change their passwords as a matter of best practice.

Yesterday, we became aware of an additional set of data that had just been released that claims to be email and hashed password combinations of more than 100 million LinkedIn members from that same theft in 2012. We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords. We have no indication that this is as a result of a new security breach.

We take the safety and security of our members’ accounts seriously. For several years, we have hashed and salted every password in our database, and we have offered protection tools such as email challenges and dual factor authentication. We encourage our members to visit our safety centre to learn about enabling two-step verification, and to use strong passwords in order to keep their accounts as safe as possible.

 

NOTE:

The deep web news which comes in this website are collected from various internet sources. Some content might be disturbing , unpleasant or fraudulent. We recommend you to use this news for research purpose only! We are not responsible for any damage caused by your action.

 

 

Leave a Reply