LinkedIn said today that some passwords on a list of allegedly stolen hashed passwords belong to its members, but did not say how its site was compromised.
“We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts,” Vicente Silveira, a director at the professional social networking site, wrote in a blog post.
LinkedIn has disabled the passwords on those accounts, it said. Account holders will receive an e-mail from LinkedIn with instructions for resetting their passwords. The e-mails will not include any links. Phishing attacks often rely on links in e-mails that lead to fake sites designed to trick people into providing information, so the company says it will not send links in e-mails.
Affected account holders will then receive a second e-mail from LinkedIn customer support explaining why they need to change their passwords.
Earlier this morning, LinkedIn had said it found no evidence of a data breach, despite the fact that LinkedIn users were reporting that their passwords were on the list.
Related stories
- LinkedIn: we see no security breach…so far
- What to do in case your LinkedIn password is hacked
- Millions of LinkedIn passwords reportedly leaked online
- LinkedIn’s app transmit user data without their knowledge
More to come…
Related Links:
LinkedIn’s app transmits user data without their knowledge
Hackers claim breach of China Telecom, Warner Bros. networks
Thousands of Twitter passwords exposed
The guide to password security (and why you should care)
Startup whisperer Reid Hoffman thinks social is still big
via CNET Latest News http://news.cnet.com/8301-1009_3-57448465-83/linkedin-confirms-passwords-were-compromised/?part=rss&subj=latest-news2&tag=title
