167 Million LinkedIn User Records For Sale by Hacker
Alexander Neil / 3 years ago
On the dark web, a hacker is selling the account details of 167 million users of the professional social networking site LinkedIn. The hacker announced the sale on the dark web marketplace TheRealDeal, asking 5 bitcoins, or around $2200, for the stolen data set, which is thought to contain user IDs, email addresses, and SHA1-hashed passwords for a total of 167,370,940 users.
The records that are up for sale are far from complete, though they do represent around a third of LinkedIn’s 433 million registered members, which is a significant proportion. Troy Hunt stated via email that “I’ve seen a subset of the data and verified that it’s legit.” Hunt is the creator and owner of the site Have I been pwned?, which lets users check whether they have been affected by any known data leak or breach, which lends a lot of credibility to his assessment.
Currently, it is thought that this data could be related to the data breach that LinkedIn suffered back in 2012, which by comparison leaked the records of only 6.5 million users. This would mean that the 2012 breach was far larger than previously believed, with the remainder of the leaked data only surfacing now. Another site, LeakedSource, which is dedicated to indexing leaked data, claims to have a copy of the data set that is up for sale and believes that the records originate from the 2012 breach.
This breach also raises questions about LinkedIn’s data security practices, as LeakedSource went on to state that the passwords were stored as unsalted SHA1 hashes, which is against best practice for storing user credentials. Unsalted hashes let an attacker crack every account with the same password at once and reuse precomputed tables. Over 60% of the 6 million passwords leaked back in 2012 were cracked, so it is worrying to think that the same could be expected of this far larger data set. That is a real threat to users who may not have changed their account passwords since 2012, or who reused the same email and password combination across multiple sites.
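To make concrete what “SHA1 with no salting” costs, here is an added Python example (not from the article, LinkedIn or LeakedSource) contrasting the unsalted scheme with a per-user random salt plus a slow key-derivation function; the accounts and passwords in it are constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional

# Constructed sample accounts; none of these are from the leaked data set.
USERS = {
    "alice@example.com": "password123",
    "bob@example.com": "password123",   # same password as alice
    "carol@example.com": "correct horse battery staple",
}

def unsalted_sha1(password: str) -> str:
    """The weak scheme the article describes: one SHA1 over the password, no salt."""
    return hashlib.sha1(password.encode()).hexdigest()

def hash_password(password: str, salt: Optional[bytes] = None, iterations: int = 200_000) -> str:
    """Per-user random salt plus a slow iterated KDF (PBKDF2-HMAC-SHA256 from the stdlib).
    Storage format (hypothetical): algorithm$iterations$salt_hex$derived_key_hex."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password: str, stored: str) -> bool:
    """Recompute the derivation with the stored salt and compare in constant time."""
    _, iterations, salt_hex, dk_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate.hex(), dk_hex)

def shared_hash_groups(stored: Dict[str, str]) -> int:
    """Count hash values shared by more than one account. With unsalted hashes a shared
    value reveals identical passwords, so one crack breaks every account in the group."""
    counts: Dict[str, int] = {}
    for h in stored.values():
        counts[h] = counts.get(h, 0) + 1
    return sum(1 for c in counts.values() if c > 1)

if __name__ == "__main__":
    weak = {u: unsalted_sha1(p) for u, p in USERS.items()}
    strong = {u: hash_password(p) for u, p in USERS.items()}
    print("unsalted SHA1 hash values shared between accounts:", shared_hash_groups(weak))   # 1
    print("salted PBKDF2 hash values shared between accounts:", shared_hash_groups(strong))  # 0
    print("login check for alice:", verify_password("password123", strong["alice@example.com"]))  # True
```

Alice and Bob get the same unsalted SHA1 digest, so a single lookup cracks both accounts, whereas with per-user salts their stored values differ and each must be attacked separately at the KDF's cost.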
LinkedIn is yet to comment on the breach; however, it is recommended that users of the site change their password, and the password of any other site where they used the same credentials.