Heard About the LinkedIn Breach? Here's What You Need to Do
Last updated: May 25, 2016
A data breach at LinkedIn has recently been in the news. What makes this news different is that the breach originally occurred in 2012. It's back in the news because the information stolen was recently found being sold on the Internet. And the amount of data stolen was larger than originally thought. The information that was stolen was member email addresses, member IDs, and hashed passwords.
As a result, LinkedIn has invalidated the passwords on accounts that might be at risk. This includes accounts created before 2012 that hadn't changed their passwords since the breach. LinkedIn has also improved security since the 2012 breach including better hashing of passwords and providing additional account security. Read more from LinkedIn in this blog post.
What should you do? Change your LinkedIn password even if it wasn't invalidated. Make sure you make it strong by using upper and lower case letters, numbers, and symbols and at least 8 characters. If you used the same password on any other site, change it too. If any of your other passwords are similar to your LinkedIn password, change them. In addition, LinkedIn suggests that you enable two-step verification on your account.
While the data that was stolen was probably used long ago, this is just a reminder that you should use unique passwords for any account that has personal or financial information.