2012 Linkedin hack is back to haunt 117 million users

Remember way back in 2012, when Linkedin was hacked? It's been a few years, so if you don't remember, that's understandable. Back then, roughly 6.5 million users had their passwords shared online, thanks to a hacker that was able to obtain them. Thankfully, the released passwords didn't have the account email addresses listed with them, which meant that there were likely no unauthorized logins to the site.

Since it appeared that no real harm came from the hack, it was forgotten about not long after. However, today that same hack appears to be causing some major headaches for the site, and its users. This is because 117 million usernames and passwords for the website have been posted for sale online.

So why does this have anything to do with the hack that took place back in 2012? Well, as it turns out, the passwords that are included in this sale use the same unsalted SHA-1 hashes that were used back in 2012. Linkedin changed the way they store passwords after the hack four years ago. This means that the data that's up for sale is around four years old.

So what does this mean for the average Linkedin user? Well, if you had an account back in 2012, and you haven't changed your password since then, you're going to want to do that. If you use Facebook to sign into Linkedin, your information should be safe, as this was not included in the hack.

VIA: Motherboard