LinkedIn has announced plans to disable user accounts that are still using hacked passwords. The company says it will suspend the accounts of 6.5 million users and then send those users the information necessary to reset their account.
In a blog post LInkedIn director Vicente Silveira wrote:
“Our first priority was to lock down and protect the accounts associated with the decoded passwords that we believed were at the greatest risk. We’ve invalidated those passwords and contacted those members with a message that lets them know how to reset their passwords.”
“Going forward, as a precautionary measure, we are disabling the passwords of any other members that we believe could potentially be affected. Those members are also being contacted by LinkedIn with instructions on how to reset their passwords.”
The hack is also being investigated with the help of law enforcement after the hack of 6,458,020 hashed passwords were posted on a forum by a Russian hacker.
In the meantime LinkedIn will added salted hashes to its security layer which makes encrypted passwords harder to crack.
If you have not yet changed your LinkedIn password we recommend accessing your account as soon as possible and making the necessary password change.