Details of more than 100m LinkedIn users hacked
Updated: 16:51
Users of the professional networking service LinkedIn were being warned to change their passwords and lock down their online security on Wednesday, after it emerged the email addresses and matching passwords of more than 100 million users could be for sale online.
It’s understood the information was taken during a high-profile security breach at LinkedIn in 2012.
At the time, it was thought the details of 6.5 million users were stolen, but it now appears up to 117 million users had their data compromised.
“It is only coming to the surface now,” said a spokesperson for LeakedSource, speaking to Vice’s technology news service Motherboard.
LeakedSource - a searchable online database for data breaches - claims to have details of what was stolen in the LinkedIn breach.
“People may not have taken it very seriously back then as it was not spread,” the spokesperson added.
“To my knowledge, the database was kept within a small group of Russians.”
An anonymous netizen known as ‘Peace’ is understood to be trying to sell the information on the dark web.
LinkedIn has said it is looking into the breach, but offered no further comment.
Toni Gidwani, director of analysis at ThreatConnect, agreed that the leak is likely the tail of the 2012 LinkedIn hack.
"The good news is that basic security practices, such a not reusing passwords across different sites and leveraging two-factor authentication whenever possible - are an effective way to both prevent unauthorized access to your accounts and to limit the possible contagion when breaches occur.
"The long lag time between the breach and passwords now appearing for sale suggests the data has already been mined for other nefarious purposes," Gidwani said.
She said LinkedIn, with a rich context of professional networks, is a gold mine for "adversaries" looking to use social engineering on targets for future attacks, with users more likely to open an article sent by a trusted LinkedIn connection than a Nigerian prince.
"Four years after the fact, the breached data set still has some nominal monetary value, which is why it’s for sale for only a handful of bitcoin.
"But the trickier question is figuring out who has been exploiting the breached data for the last four years and to what end," Gidwani asked.