We want to provide you with an update on LinkedIn member passwords that were published to a hacker’s site earlier this week. We want to reiterate that we sincerely apologize for the inconvenience this has caused our members and customers.
A recent blog post highlights the latest update. We encourage you to read it.
Know that most of the passwords on the list appear to remain hashed and hard to decode, but unfortunately a small subset of the hashed passwords was decoded and published.
To the best of our knowledge, no email logins associated with the passwords have been published, nor have we received any verified reports of unauthorized access to any member’s personal or LinkedIn Recruiter account as a result of this event.
Finally, our current production database for account passwords is salted as well as hashed, which provides an additional layer of security.
We are working hard to protect you, but there are also steps that you can take to protect yourself, such as:
- Make sure you update your password on LinkedIn (and any site that you visit on the Web) at least once every few months.
- Do not use the same password for multiple sites or accounts.
- Create a strong password for your account, one that includes letters, numbers, and other characters.
- Watch out for phishing emails and spam emails requesting personal or sensitive information.