LinkedIn hacked, better change your password

Security experts are warning that 6 million LinkedIn passwords appear to have been hacked and are advising you to change your password.

Richard Trenholm Former Movie and TV Senior Editor

Richard Trenholm was CNET's film and TV editor, covering the big screen, small screen and streaming. A member of the Film Critic's Circle, he's covered technology and culture from London's tech scene to Europe's refugee camps to the Sundance film festival.

Expertise Films, TV, Movies, Television, Technology

See full bio

Richard Trenholm

June 6, 2012 9:56 a.m. PT

2 min read

Six million LinkedIn passwords appear to have been stolen. Security experts are warning that your LinkedIn account could be compromised, and have advised all users to change their password.

It seems that a Russian hacker posted 6,458,020 unsalted password hashes on a forum and invited hackers to help crack them. The file does not appear to contain associated email addresses, but they could be in the hands of cyberwrong'uns separately.

The 6 million passwords make up about 4 per cent of LinkedIn's 160 million users. As LinkedIn has a paid premium option, it's possible hackers could log in to access your credit card information.

LinkedIn has yet to confirm or deny that a breach has taken place, tweeting, "Our team continues to investigate, but at this time, we're still unable to confirm that any security breach has occurred." Online security experts Sophos researchers say they've found LinkedIn passwords in the file, however.

Sophos' Graham Cluley suggests you should change your LinkedIn password as a precautionary step. "Make sure that the password you use is unique –- in other words, not used on any other websites -– and that it is hard to crack," he advises. "If you were using the same passwords on other websites, make sure to change them too -- and never again use the same password on multiple websites."

Quite how you're supposed to remember hundreds of different passwords is beyond me. Gotta have a system, I suppose. To change your password, log onto your LinkedIn account. Click on your name in the upper right corner, click the link for Settings, and hit the Change link next to Password. Enter your old password and then create a new one, unique to LinkedIn.

Funnily enough this isn't the only privacy headache LinkedIn has faced today: a new calendar sync feature has also proved controversial. The feature syncs your calendar to LinkedIn in order to for you to see information about the people you're meeting with, pulled from their LinkedIn profile. LinkedIn has responded to criticism by ditching the sync option for the notes section of the meeting, as well as denying that information was sent unencrypted.

You can turn the calendar sync off if that bothers you. It's an opt-in feature though, so if you haven't turned it on it won't affect you.

Are you a regular LinkedIn user? You can get more information at twitter.com/LinkedIn, and tell me what you think in the comments or on our Facebook page.

Services and Software Guides

VPN

Cybersecurity

Streaming Services

Web Hosting & Websites

Other Services & Software

Services and Software Coupons