Skip to main content

117 million emails and passwords leaked from LinkedIn's 2012 hack

In 2012, the business-oriented social network LinkedIn was hacked and its users are still being affected by that hack to this day.

The company announced yesterday that another data set, taken during the hack four years ago, has appeared online. The emails and passwords of over 100 million LinkedIn users were included in the data set. The company is working to validate the accounts that were leaked and it is trying to contact the users whose emails and passwords were posted online to inform them to change their passwords as soon as possible.

During the initial hack in 2012, hackers were able to gain access to LinkedIn's network and steal around 6.5 million encrypted passwords. The passwords were posted onto a hacker forum in Russia and the encryption was cracked quickly.

A new report from Motherboard has revealed that a hacker using the alias Peace has been attempting to sell the emails and passwords of 117 million LinkedIn members. He is using an illegal marketplace on the dark web to attempt to sell the data set for $2,200 in bitcoin.

Since the data set up for sale was acquired during the LinkedIn's 2012 hack, all of the passwords are poorly encrypted and could easily be cracked. So far, 90 per cent of the passwords in the data set have been cracked within the short time span of 72 hours and some of the users were still using the same passwords from 4 years ago.

If you or anyone you know has a LinkedIn account that pre-dates the 2012 breach, it is highly advised that you change your password as soon as possible and consider changing your password on the other sites and services you use that could just as easily fall victim to an attack.

Image Credit: Bloomua / Shutterstock

Anthony Spadafora
After living and working in South Korea for seven years, Anthony now resides in Houston, Texas where he writes about a variety of technology topics for ITProPortal.