Hackers news is everywhere, the trend is picking up. Linkedin with more than 150 Million users, is in trouble with hackers posting 6.5 million encrypted passwords on Russian Forum and invited hacking community for decryption.
The report got confirmed when the Linkedin confirmed it on twitter that
Our team is currently looking into reports of stolen passwords. Stay tuned for more.
Twitter users are already reporting that they’ve found their hashed LinkedIn passwords on the list. Linkedin uses SHA-1 cryptographic hash function for encoding its passwords, which makes it little secure but still the simple password will be decoded very fast. So if you have linkedin account, please change your passwords and if you use the same password elsewhere then please change them too.
Now why hackers did this is because of the linkdein latest IOS App collecting information from calendar entries including passwords and transmitting it back to the company’s servers without users’ knowledge. Linkedin tried to defend itself by explaining that the feature was opt-in facility.
In a statement posted on the company’s blog, LinkedIn’s mobile product head Joff Redfern said a new “learn more” link would be added to the app so users have a clearer picture about how their information is being used and transmitted.