If it’s any consolation for LinkedIn users wondering if their password has been stolen, LinkedIn claims the stolen passwords were not published with corresponding email logins.
LinkedIn has released a new statement about the breach, which saw a reported 6.5 million passwords published online. Since then, LinkedIn states it has disabled any decoded passwords that were published, as well as all passwords on the list that it believed “created risk” for LinkedIn members. Passwords of any members that could be “potentially affected” have been disabled. These users are asked to create new password.
What should come as more relief if you’re a LinkedIn user though, is that LinkedIn says the passwords were not published with corresponding email addresses. Not only would this have left your LinkedIn account wide open, but if you use the same password for your email and LinkedIn, the risk would have been that someone would then has the keys to your email account. Potentially just as worrying as having someone break into your LinkedIn, we’d argue.
No-one has reported a “compromised” LinkedIn account as a result of this incident, LinkedIn Director Vicente Silveira states.
LinkedIn has received criticism from various quarters for not adding additional encoding to its passwords. LinkedIn states it now applies this extra encoding to all its members’ passwords.
The site also points out that whether their passwords are stolen or not, users should change their password every few months.