LinkedIn suffers data breach - security experts

BOSTON/NEW YORK Thu Jun 7, 2012 4:19am IST

The sign up page of is seen in Singapore, May 20, 2011. REUTERS/David Loh/Files




BOSTON/NEW YORK (Reuters) - Computer security experts in the United States and Europe warned they have uncovered evidence that the social networking site LinkedIn (LNKD.N) has suffered a data breach that may have compromised the passwords of millions of users.

LinkedIn Corp said Wednesday via Twitter and on its blog that it was "unable to confirm" that a breach had occurred.

"Our security team continues to investigate," Vicente Silveira, an engineer with the social networking site, said on the LinkedIn blog.

It could take several days, or up to a week, for LinkedIn to confirm there was a breach and identify its source, said Mary Landesman, senior security researcher with a company known as Cloudmark that helps secure messaging systems.

LinkedIn, which made its stock debut last year, is a social media company that caters to companies seeking employees and people scouting for jobs.

It has more than 161 million members worldwide. One of the Mountain View, California-based company's main initiatives is to grow internationally - 61 percent of its membership is located outside the United States.

Marcus Carey, security researcher at Boston-based Rapid7, said he was "highly confident" that LinkedIn had been the victim of a serious breach, based on his analysis of the data posted on the forums.

He said he believed the attackers had been inside LinkedIn's network for at least several days, based on the type of information stolen and quantity of data released.

"While LinkedIn is investigating the breach, the attackers may still have access to the system," Carey warned. "If the attackers are still entrenched in the network, then users who have already changed their passwords may have to do so a second time."

Officials with LinkedIn declined to comment on whether an attack might still be in progress.

The site did provide advice on how customers can change their passwords after several security firms issued advisories suggesting that they do so immediately.

"While our investigation continues, we thought it would be a good idea to remind our members that one of the best ways to protect your privacy and security online is to craft a strong password, to change it frequently ... and to not use the same password on multiple sites," Silveira said in the blog post.

The suspected breach is the latest in a long string of high-profile hacks affecting companies and governments around the world, which have put the personal information of millions at risk.

In the suspected LinkedIn breach, computer security experts discovered files with some 6.4 million scrambled passwords on Tuesday, which they originally suspected belong to LinkedIn members because some of the passwords included the phrase "LinkedIn," said Graham Cluley, a senior technology consultant with British computer security software maker Sophos.

When Sophos dug further, it turned out that other passwords found on the list belonged to Sophos employees who only used them to secure their LinkedIn accounts, he said. But it is possible that all or just some of those 6.4 million passwords belong to LinkedIn members, Cluley added.

The data was found on underground websites where criminal hackers frequently exchange stolen information, including scrambled passwords.

The files included only passwords and not corresponding email addresses, which means that people who download the files and unscramble the passwords will not easily be able to access any accounts with compromised passwords.

Yet analysts said it is likely that the hackers who stole the passwords also have the corresponding email addresses and would be able to access the accounts.


At least two security experts who examined the files believed to contain the stolen LinkedIn passwords said the company had failed to use best practices for protecting the data.

The experts said that LinkedIn used a vanilla, or basic, technique for encrypting, or scrambling, the passwords, which allows hackers to quickly unscramble all passwords after they figure out the formula by which any single password has been encrypted.

The social network could have made it extremely tedious for the passwords to be unscrambled by using a technique known as "salting," which means adding a secret salt to each password before scrambling it.

"What they did is considered to be poor practice," Landesman said.
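The difference the experts describe can be seen in a short added example (not from Reuters or LinkedIn): without a salt, accounts sharing a password store the same value, while a random per-account salt makes every stored value distinct. SHA-256 stands in for the unnamed scrambling formula, and the user names, passwords and iteration count are constructed assumptions.

```python
import hashlib
import hmac
import os
from collections import Counter

# Constructed sample accounts (not taken from the leaked files);
# two of them share a password, as many real users do.
SAMPLE_USERS = {"alice": "linkedin2012", "bob": "linkedin2012", "carol": "correct horse"}


def store_unsalted(users):
    """Weak scheme: one fast hash, no salt. Equal passwords give equal digests."""
    return {u: hashlib.sha256(p.encode()).digest() for u, p in users.items()}


def store_salted(users, iterations=200_000):
    """Hardened scheme: random 16-byte salt per account plus a slow KDF.

    The iteration count is an illustrative assumption, not a recommendation
    from the article.
    """
    records = {}
    for user, password in users.items():
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
        records[user] = (salt, iterations, digest)
    return records


def verify_salted(records, user, candidate):
    """Recompute the digest with the account's own salt and compare in constant time."""
    salt, iterations, digest = records[user]
    test = hashlib.pbkdf2_hmac("sha256", candidate.encode(), salt, iterations)
    return hmac.compare_digest(test, digest)


def reused_digests(digests):
    """Audit helper: how many stored values appear on more than one account."""
    return sum(1 for count in Counter(digests).values() if count > 1)


if __name__ == "__main__":
    weak = store_unsalted(SAMPLE_USERS)
    strong = store_salted(SAMPLE_USERS)
    print("unsalted values shared across accounts:", reused_digests(weak.values()))
    print("salted values shared across accounts:",
          reused_digests(r[2] for r in strong.values()))
```

Running the audit helper over an existing credential table is a quick way to tell whether it was stored without per-account salts.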

Last year, a security researcher warned that LinkedIn had flaws that make users' accounts vulnerable to attack by hackers because of the way it manages cookies. Cookies are small pieces of data sent from a website and stored in a computer user's Web browser. They are commonly used as a way to compile long-term records of individuals' browsing histories, and have raised concerns about privacy.

LinkedIn was co-founded by former PayPal executive Reid Hoffman in 2002 and makes money selling marketing services and subscriptions to companies and job seekers.

LinkedIn shares closed 8 cents higher at $93.08 on Wednesday.

(Reporting By Jim Finkle and Jennifer Saba; Editing by Tim Dobbyn and Matthew Lewis)


