Nearly 6.5 million passwords belonging to users of the professional social networking site LinkedIn have been leaked online, according to reports.
Users are being urged to change their login details over fears that, if confirmed, the leak would compromise vast amounts of personal data, including contact information. The information was reportedly posted as encrypted on a Russian hackers’ website and 300,000 are said to have been decrypted, with work ongoing, according to the respected technology blog The Next Web.
LinkedIn, which faced criticism recently after it was revealed that its mobile app was sending certain information from users’ phones back to the company without their knowledge, posted a message on Twitter saying it was looking into the reports, which are as yet unconfirmed.
A file containing 6,458,020 encoded passwords was posted online, and hackers across the world are said to be collaborating to decipher them.
“Although the data which has been released so far does not include associated email addresses, it is reasonable to assume that such information may be in the hands of the criminals.
“As such, it would seem sensible to suggest to LinkedIn users that they change their passwords as soon as possible as a precautionary step. Of course, make sure that the password you use is unique (in other words, not used on any other websites), and hard to crack,” wrote online security expert Graham Cluley on his blog.
A spokesman for the networking site said: "LinkedIn’s security team continues to investigate today’s reports of stolen passwords. At this time, we’re still unable to confirm that any security breach has occurred. While our investigation continues, we have posted guidance for our members on how to update your password along with other security best practices."