[Chapter-delegates] [DNB] LinkedIn investigating reports that 6.46 million hashed passwords have leaked online (fwd)

Veni Markovski veni at veni.com
Thu Jun 7 07:24:51 PDT 2012 

Thank you, Lucy.

And in case some of you have used the same password somewhere else, make 
sure you change that one, too. If you cannot remember all different 
passwords / logins, try using some software, like 1password (unless it 
also has issues - Marcin, others?). More here: 
http://mashable.com/2012/06/06/linkedin-password-check/

veni

On 06/06/2012 18:58, Lucy Lynch wrote:
> All -
>
> For those linkedin users out there (and you know who you are) -
> Please take a minute to login and change your password to something
> long, easy to remember, and secure (see below) -
>
> https://xkcd.com/936/
>
> Thanks -
>
> Lucy Lynch
> Trust and Identity Initiatives
> Internet Society (ISOC )
>
> ---------- Forwarded message ----------
> Date: Wed, 06 Jun 2012 16:51:42 +0100
> From: Ian Cook <ian at cymru.com>
> To: ians_dragon_newsbytes at lists.cymru.com
> Subject: [DNB] LinkedIn investigating reports that 6.46 million hashed 
> passwords
>      have leaked online
>
> Title: LinkedIn investigating reports that 6.46 million hashed
> passwords have leaked online
> Author: Aaron Souppouris
> Source: The Verge
> Date Published: 6th June 2012
>
> Excerpt:
>
> '....A user in a Russian forum is claiming to have hacked LinkedIn
> to the tune of almost 6.5 million account details. The user uploaded
> 6,458,020 hashed passwords, but no usernames. It's not clear if they
> managed to download the usernames, but it's likely that both have
> been downloaded.There is a possibility that this could be a hoax,
> but several people have said on Twitter that they found their real
> LinkedIn passwords as hashes on the list. Many of the hashes include
> "linkedin," which seems to add credence to the claims.
>
> We spoke with Mikko Hypponen, Chief Research Officer at F-Secure,
> who thinks this is "a real collection." He told us he is "guessing
> it's some sort of exploit on their web interface, but there's no way
> to know. I am sure sure LinkedIn will fill us in sooner or later.".....'
>
> To read the complete article see:
> http://www.theverge.com/2012/6/6/3067523/linkedin-password-leak-online
>
>
> The opinions expressed in the posted news items do not necessarily
> reflect the views of Team Cymru.
>
> The appearance of hyperlinks does not constitute endorsement
> by Team Cymru of an external Web site, or any commercial
> company, information, products or services contained therein.
>
> Dragon News Bytes is a Private and Restricted mailing
> list.
>
> The information transmitted is intended only for the person or
> entity to which it is addressed and any retransmission or
> dissemination is prohibited.
>
> To subscribe to this mailing list, please signup at:
> https://lists.cymru.com/mailman/listinfo/ians_dragon_newsbytes
> and then send an email to: outreach at cymru.com
> providing some personal background.
>
>
>        _       //` `\
>      _,-"\%   // /``\`\
> ~^~ >__^  |% // /  } `\`\    Team Cymru
>        )  )%// / }  } }`\`\  Dragon News Bytes
>       /  (%/`/.\_/\_/\_/\`/
>      (    `         `-._`
>       \   ,     (  \   _`-.__.- %>
>      /_`\ \      `\ \." `-..- `
>     ``` /_/`"-=-``/_/
>         ```       ```
>
> For more Security News see:
> www.team-cymru.org/News
> www.team-cymru.org/News/secnews.rss
> http://twitter.com/teamcymru
>
> There are many way to keep up with what Team Cymru are doing:
> * Join our announce list via cymru-announce-subscribe at cymru.com
> * Join our printed newsletter list via quarterly at cymru.com
> * See what we see, www.team-cymru.org/Monitoring/Graphs
> * Cool stuff you can use: www.team-cymru.org/Services/
> * Team Cymru's YouTube Channel: www.youtube.com/teamcymru
>
>
> _____________________________________________________
>
> Ian Cook
> Security Evangelist
> Team Cymru
> http://www.team-cymru.org/About/contact.html
> http://uk.linkedin.com/in/ianccook
>
> 'To communicate simply you must understand profoundly'
> _______________________________________________
> Staff mailing list
> Staff at elists.isoc.org
> https://elists.isoc.org/mailman/listinfo/staff
> _______________________________________________
> Chapter-delegates mailing list
> Chapter-delegates at elists.isoc.org
> https://elists.isoc.org/mailman/listinfo/chapter-delegates
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://elists.isoc.org/mailman/private/chapter-delegates/attachments/20120607/19f15c0c/attachment.htm>

More information about the Chapter-delegates mailing list