Yesterday we reported that a user in Russian forum claiming that he had downloaded 6.46 million users’ hashed passwords from LinkedIn, the company has confirmed that user passwords to its site were compromised. It says that they are continuing to investigate the situation.
Interestingly, the site does not leave any stone unturned in saying that its new security system has helped affected members who updated their passwords and members whose passwords have not been compromised.
The company puts up a three point plan to help its users out:
- Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
- These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in this email. Once you follow this step and request password assistance, then you will receive an email from LinkedIn with a password reset link.
- These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.