Four years ago, hackers ripped user passwords from the servers of LinkedIn and eHarmony. Original reports had the number of affected users at 6.5 million, according to the former company. Now that number has jumped significantly after someone tried to sell the passwords online.
Hackers stole the log-in information of 117 million users in 2012, according to a Motherboard report. 167 million accounts were affected in some way. This story broke after a hacker known as “Peace” went to sell it all on a dark web marketplace, The Real Deal. Plus, a search engine for hacked data, Leaked Source, also claimed to have gotten their hands on it.
LinkedIn has confirmed the scope of the hacking.
“We have begun to invalidate passwords for all accounts created prior to the 2012 breach that haven’t updated their password since that breach,” the networking company wrote in a statement. “We will be letting individual members know if they need to reset their password.”
They advise users to periodically change their passwords, for safety’s sake. And they also had a threat: “We have demanded that parties cease making stolen password data available and will evaluate potential legal action if they fail to comply.”
LinkedIn’s threat may meet “practical obstacles,” Professor Eben Moglen, a tech law expert at Columbia University, told LawNewz.com. After all, perps might be hard to find thanks to the nature of the Internet.
But it’s possible. A FBI investigation sank the dark web marketplace “Silk Road 2.0” in 2014, and rounded up alleged ringleaders.
Follow Alberto Luperon on Twitter (@Alberto Luperon)