Go Back   English Forum Switzerland > Help & tips > TV/internet/telephone  
Reply
 
Thread Tools Display Modes
  #1  
Old 06.06.2012, 22:14
Castro's Avatar
à la mod
 
Join Date: Nov 2007
Location: ZG
Posts: 5,515
Groaned at 117 Times in 95 Posts
Thanked 16,415 Times in 5,227 Posts
Castro has a reputation beyond reputeCastro has a reputation beyond reputeCastro has a reputation beyond reputeCastro has a reputation beyond reputeCastro has a reputation beyond reputeCastro has a reputation beyond repute
Major security breach at LinkedIn

If you have a LinkedIn acct, it might be wise to change the password, especially if you use the same one for multiple sites (like my mate )

LinkedIn investigates hacking claims

Business social network examines claims by security analysts that more than 6 million users' details have been posted online

Josh Halliday
guardian.co.uk, Wednesday 6 June 2012 15.13 BST

LinkedIN is examining claims that more than 6 million users' encrypted passwords have been placed online. Photograph: David Loh/Reuters
LinkedIn has launched an investigation into reports that its password database has been compromised with more than 6 million users' details posted online.

The business social network is examining claims by security analysts that millions of encrypted passwords have been published on a Russian hackers' website.

Graham Cluley, the cyberthreats expert, said the passwords were now likely to be in the hands of criminals. He advised the website's 160m worldwide users to immediately change their login details.

The security scare will cause fresh embarassment for LinkedIn, which is also facing privacy concerns about its mobile calendar application.

LinkedIn had not returned requests for comment at the time of publication, but said in a message on Twitter: "Our team is currently looking into reports of stolen passwords. Stay tuned for more."

Per Thorsheim, the security researcher who first raised the alarm about the apparent leak, said on Wednesday that the 6.5m encrypted passwords "will probably be a lot more users" because some will have the same login details.

Cluley, an analyst at Naked Security, said in a blogpost that users' emails addresses had not been published on the Russian hackers' website.

But he added: "It is reasonable to assume that such information may be in the hands of the criminals. As such, it would seem sensible to suggest to LinkedIn users that they change their passwords as soon as possible as a precautionary step. Of course, make sure that the password you use is unique (in other words, not used on any other websites), and hard to crack."

Those accused of being behind the breach have asked other hackers to help decrypt the protected passwords. If linked to a premium users' account, the hackers could gain access to credit card details used to pay for subscriber access to the site.

The file posted online reportedly contains 6,458,020 so-called "SHA1 unsalted password hashes", which would be straightforward for a skilled hacker to link to a user's details.

Earlier on Wednesday 6 June, LinkedIn was forced to fend off privacy concerns about its mobile calendar app. The company said its iPhone and iPad app can access detailed information about its users' daily activity, including location, meeting notes, and the email addresses of people a user meets with.

source
Reply With Quote
The following 5 users would like to thank Castro for this useful post:
  #2  
Old 07.06.2012, 08:20
grynch's Avatar
Forum Legend
 
Join Date: Nov 2006
Location: Geneva/Vaud
Posts: 4,976
Groaned at 51 Times in 47 Posts
Thanked 5,199 Times in 2,354 Posts
grynch has a reputation beyond reputegrynch has a reputation beyond reputegrynch has a reputation beyond reputegrynch has a reputation beyond reputegrynch has a reputation beyond reputegrynch has a reputation beyond repute
!!! LinkedIn/eHarmony password breach !!!

( thread in Internet access?.. ya, I think so )


We just received this message from our head of IT as a heads up for users of "LinkedIn"..
It seems this also pertains to you sad, sad people that have signed up for "eHarmony" as well.
1) LinkedIn has suffered a significant security breach resulting in around 6.5 million passwords being posted on the Internet (just the passwords, no userID information it seems at this point). You should change your passwords immediately. For more information take a look at this article http://arstechnica.com/security/2012...d-to-linkedin/

2) In light of this, there is a massive increase in LinkedIn related scam messages arriving in our mailboxes, asking to "confirm your email address". Delete these immediately. One clue to this scam is the way the link for the linkedin addresses are formed - they appear to be legit, however the second i in the ".linkedln." part is actually a lowercase l (L) not a capital i as it seems!! These guys are very sneaky, so beware!

From the article above, it appears that eHarmony have also suffered a similar breach with 1.5 million passwords being posted, so if you are a user of this service you should also change your password immediately.

Regards,

( n.b. -- I suppose we should brace for another round of phone calls from certain off-shore people now. )
__________________
Champagne don't make me crazy...

Last edited by grynch; 07.06.2012 at 08:37.
Reply With Quote
  #3  
Old 07.06.2012, 08:35
Village Idiot's Avatar
Forum Legend
 
Join Date: Jul 2009
Location: Basel
Posts: 3,649
Groaned at 33 Times in 30 Posts
Thanked 6,878 Times in 2,215 Posts
Village Idiot has a reputation beyond reputeVillage Idiot has a reputation beyond reputeVillage Idiot has a reputation beyond reputeVillage Idiot has a reputation beyond reputeVillage Idiot has a reputation beyond reputeVillage Idiot has a reputation beyond repute
Re: !!! LinkedIn/eHarmony password breach !!!

Quote:
View Post
From the article above, it appears that eHarmony have also suffered a similar breach with 1.5 million passwords being posted, so if you are a user of this service you should also change your password immediately.
This is a new, modern twist on "some other guy running off with my date."

It's not because he's richer, more handsome, or stronger than me... It's because he stole my eHarmony password!
Reply With Quote
  #4  
Old 07.06.2012, 11:34
Phil_MCR's Avatar
Forum Legend
 
Join Date: Oct 2009
Location: Basel
Posts: 14,317
Groaned at 277 Times in 183 Posts
Thanked 17,733 Times in 7,486 Posts
Phil_MCR has a reputation beyond reputePhil_MCR has a reputation beyond reputePhil_MCR has a reputation beyond reputePhil_MCR has a reputation beyond reputePhil_MCR has a reputation beyond reputePhil_MCR has a reputation beyond repute
Re: !!! LinkedIn/eHarmony password breach !!!

ouch passwords stored as unsalted sha1 hash. amazing such a major site still has such bad password policies. looks like over half the passwords have now already been cracked. change yours while you still can.
Reply With Quote
  #5  
Old 07.06.2012, 16:24
Tom1234's Avatar
Forum Legend
 
Join Date: Jan 2007
Location: Kanton Luzern
Posts: 15,422
Groaned at 501 Times in 401 Posts
Thanked 22,411 Times in 9,110 Posts
Tom1234 has a reputation beyond reputeTom1234 has a reputation beyond reputeTom1234 has a reputation beyond reputeTom1234 has a reputation beyond reputeTom1234 has a reputation beyond reputeTom1234 has a reputation beyond repute
Re: !!! LinkedIn/eHarmony password breach !!!

Quote:
View Post
ouch passwords stored as unsalted sha1 hash. amazing such a major site still has such bad password policies. looks like over half the passwords have now already been cracked. change yours while you still can.
What's to stop the new one being hacked too?
Reply With Quote
  #6  
Old 07.06.2012, 16:55
Phil_MCR's Avatar
Forum Legend
 
Join Date: Oct 2009
Location: Basel
Posts: 14,317
Groaned at 277 Times in 183 Posts
Thanked 17,733 Times in 7,486 Posts
Phil_MCR has a reputation beyond reputePhil_MCR has a reputation beyond reputePhil_MCR has a reputation beyond reputePhil_MCR has a reputation beyond reputePhil_MCR has a reputation beyond reputePhil_MCR has a reputation beyond repute
Re: !!! LinkedIn/eHarmony password breach !!!

Quote:
View Post
What's to stop the new one being hacked too?
make it a super long password with a large character set.
Reply With Quote
This user would like to thank Phil_MCR for this useful post:
  #7  
Old 07.06.2012, 10:59
Sbrinz's Avatar
RIP
 
Join Date: Oct 2011
Location: Murten - Morat
Posts: 11,885
Groaned at 563 Times in 354 Posts
Thanked 11,548 Times in 5,941 Posts
Sbrinz has a reputation beyond reputeSbrinz has a reputation beyond reputeSbrinz has a reputation beyond reputeSbrinz has a reputation beyond reputeSbrinz has a reputation beyond reputeSbrinz has a reputation beyond repute
Re: Major security breach at LinkedIn

Thanks Castro, I have told my friends, they were grateful too!
Reply With Quote
  #8  
Old 07.06.2012, 11:30
NotAllThere's Avatar
Forum Legend
 
Join Date: Oct 2008
Location: Baselland
Posts: 13,065
Groaned at 209 Times in 186 Posts
Thanked 18,952 Times in 7,722 Posts
NotAllThere has a reputation beyond reputeNotAllThere has a reputation beyond reputeNotAllThere has a reputation beyond reputeNotAllThere has a reputation beyond reputeNotAllThere has a reputation beyond reputeNotAllThere has a reputation beyond repute
Re: Major security breach at LinkedIn

If you wish to check if your password is possibly one of those hacked, you can go to www.leakedin.org

You enter your password. It is converted - on your machine - to the hashed value, and then this is compared against the file containing the hacked passwords. (This is so that your password is at no time known to the www.leakedin.org website). I.e. it's safe. If you trust me.

If you get a positive, it doesn't mean you've been hacked - someone else may have been using the same password.

if you get a negative, it doesn't mean you haven't been hacked. The file may not be complete.
__________________
Down with racism. Long live miscegenation!
Reply With Quote
  #9  
Old 07.06.2012, 11:42
grynch's Avatar
Forum Legend
 
Join Date: Nov 2006
Location: Geneva/Vaud
Posts: 4,976
Groaned at 51 Times in 47 Posts
Thanked 5,199 Times in 2,354 Posts
grynch has a reputation beyond reputegrynch has a reputation beyond reputegrynch has a reputation beyond reputegrynch has a reputation beyond reputegrynch has a reputation beyond reputegrynch has a reputation beyond repute
Re: Major security breach at LinkedIn

Quote:
View Post
If you get a positive, it doesn't mean you've been hacked - someone else may have been using the same password.

if you get a negative, it doesn't mean you haven't been hacked. The file may not be complete.
so what you're saying is this site is pretty useless?
Reply With Quote
  #10  
Old 07.06.2012, 11:55
mirfield's Avatar
Moddy Wellies
 
Join Date: Apr 2007
Location: North Yorkshire
Posts: 8,716
Groaned at 54 Times in 48 Posts
Thanked 9,623 Times in 3,557 Posts
mirfield has a reputation beyond reputemirfield has a reputation beyond reputemirfield has a reputation beyond reputemirfield has a reputation beyond reputemirfield has a reputation beyond reputemirfield has a reputation beyond repute
Re: Major security breach at LinkedIn

Just logged in to LinkedIn to change my password and noticed the following;

major-security-breach-linkedin-safeashouses.jpg


So I needn't bother changing then
Reply With Quote
The following 2 users would like to thank mirfield for this useful post:
  #11  
Old 07.06.2012, 16:01
Newbie 1st class
 
Join Date: May 2008
Location: Basel
Posts: 11
Groaned at 0 Times in 0 Posts
Thanked 2 Times in 2 Posts
lucas_pt has no particular reputation at present
Re: Major security breach at LinkedIn

Thanks!
People should change their password often!
Reply With Quote
  #12  
Old 07.06.2012, 17:17
adrianlondon's Avatar
Forum Legend
 
Join Date: Nov 2009
Location: Basel
Posts: 9,169
Groaned at 171 Times in 154 Posts
Thanked 25,643 Times in 6,892 Posts
adrianlondon has a reputation beyond reputeadrianlondon has a reputation beyond reputeadrianlondon has a reputation beyond reputeadrianlondon has a reputation beyond reputeadrianlondon has a reputation beyond reputeadrianlondon has a reputation beyond repute
Re: Major security breach at LinkedIn

Quote:
View Post
If you wish to check if your password is possibly one of those hacked, you can go to www.leakedin.org
So, just type in my password to some random web site? Yeah, I'll get right on it.
Reply With Quote
Reply




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
US issued card holders take note ( security breach issue ) jrspet International affairs/politics 1 31.03.2012 14:54
Security guards at school - where are we, anyway? aslor Complaints corner 18 27.01.2011 08:25
Major Problems at Zürich HB [14 Dec 2009] Slaphead Transportation/driving 26 14.12.2009 15:36
Guardian Jobs in UK - Security Breach transition International affairs/politics 0 26.10.2009 13:51
Fast? transit times at Luton (Easyjet) and security?? muze7 Travel/day trips/free time 10 15.05.2007 00:10


All times are GMT +2. The time now is 06:01.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.1.0