117 million stolen LinkedIn emails and passwords for sale on dark web
117 million stolen LinkedIn email addresses and passwords have been put up for sale on the Dark Web, according to reports.
A hacker named Peace is selling the database, which includes details of 167 million accounts featuring both emails and passwords for 117 million users, Motherboard reported. The data is believed to have been stolen during the 2012 LinkedIn hack.
It includes both hashed and cracked passwords, and researcher Troy Hunt has verified that at least some of them are accurate. The database is being sold on a Dark Web marketplace for five Bitcoin (£1,560), but has implications beyond LinkedIn for the affected users.
Even if a user changed their password following the 2012 hack, they could still be using the same password elsewhere on the web, leaving their accounts open to cyber criminals.
The incident is another advertisement for the information security best practice of using a complex, unique password for each of your online accounts.
LinkedIn also offers a two-step verification option to protect your account.
Research recently revealed that consumers are holding back their personal information from companies following recent high-profile data breaches.
TalkTalk, which suffered a large data breach about six months ago, took a financial hit from its attack but has “bounced back strongly”. And nine in ten professionals in the financial services sector say they believe their organisations are vulnerable to cyber attacks. All of this is bad news for businesses when research has revealed that two thirds of large firms have suffered cyber attacks in the last year.