LinkedIn has been added to the growing list of high-profile companies that have fallen victim to massive security breaches in recent years. The business-oriented professional social networking site released a statement on Wednesday, June 6th, confirming that approximately 6.5 million LinkedIn user passwords had been compromised in a huge security breach. Allegedly, a file with the encrypted passwords was posted on a Russian hacking site, possibly intended to crowdsource the hacking of difficult passwords. Over 200,000 of these passwords have been hacked already. Morgan & Morgan is currently investigating the matter and providing free case evaluations to individuals who have been affected by this turn of events.
Many experts have warned about the possible severity of such a security breach, suggesting that all users change their LinkedIn passwords and create unique, difficult-to-crack passwords for every social media and financial services account. Allegedly, the file posted on the Russian hacking site only contains passwords hashed using the SHA-1 algorithm and does not include profile names, e-mail addresses, or any other data. It is unknown, however, whether the original hackers have more passwords, corresponding e-mails, and user account names that they have not released. This information could be used to access user accounts, comprise fake “phishing” e-mail scams, and other scams that could compromise the financial security of LinkedIn users.
According to the Washington Post, the popular online dating site eHarmony experienced a security breach affecting around 1.5 million users. According to Privacy Rights Clearinghouse, a San Diego nonprofit that publishes known data breaches (as some breaches are unreported), 535 known breaches occurred last year. Even more shockingly, the nonprofit has stated that more than 545 million financial records have been stolen in the United States since 2005. Recent high-profile breaches have included Global Payments (Visa, MasterCard, American Express, Discover), Citigroup, Brazilian bank Banco Bradesco, the International Monetary Fund (IMF), the payment service PayPal, National Public Radio (NPR), the Israeli Stock Exchange, Google, and Sony’s PlayStation Network.
Although there have not yet been any reports of consumer fraud as a result of this breach, an unknown amount of sensitive information is likely currently in the hands of criminals. If you believe that you may be affected by this massive breach, fill out our simple, no-obligation form to receive a free evaluation of your LinkedIn security breach claim to learn more about your legal rights and discuss your options.