- Egypt rights center raided, 2 Mubaraks acquitted
- New Mexico Supreme Court rules same-sex marriage constitutional
- Blame Bush: 5 years later, that’s still the mantra, pollsters find
- Dutch prostitutes demand same retirement benefits as soccer stars
- John McCain to Harry Reid: I’ll ‘kick the crap’ out of you
- Dogs that talk: Researchers seek $10K for ‘No More Woof’ technology
- 1,000 firefighters called to battle stubborn Big Sur wildfire
- Black Friday brouhaha: Millions of Target shoppers hit by credit card theft
- Britain orders airplane to rescue citizens from violent South Sudan
- Mega Millions winner emerges as Georgia mom, in ‘disbelief’
Nearly 6.5 million LinkedIn passwords are published by hackers
Question of the Day
Almost 6.5 million encrypted passwords for the professional networking site LinkedIn were posted online by Russian hackers, the company said Wednesday.
"We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts," Director Vicente Silveira wrote in a blog post. "We are continuing to investigate."
The company, which boasts 161 million users in 200 countries, said it has no immediate indication that hackers had compromised its systems, but advised its users to change their passwords immediately.
Although the e-mails and user names associated with the passwords were not included in the posting, "it is reasonable to assume that such information may be in the hands of the criminals," said Graham Cluley of United Kingdom-based Sophos Security.
"Russian hackers are about to pillage and plunder," wrote one worried user on the site in response to news of the disclosure.
Access to the passwords would give hackers control of the compromised accounts, which could be used in identity theft or other online scams, warned Thomas Ryan, a New York-based security consultant.
Mr. Ryan said a particular concern are "daisy chain" attacks because many people unwisely use the same password for multiple online accounts.
"If someone has used the same password for a bank or e-mail account, they are vulnerable to daisy-chain attacks," he said.
The passwords are encrypted, but more than 200,000 already have been deciphered and almost all of them would be crackable in time, warned Mr. Cluley and others monitoring Russian hacker sites.
Some security professionals suggested that the hackers who posted the passwords are seeking help from other site users in decrypting them — a process known as crowdsourcing.
Encryption transforms passwords and user names into meaningless strings of characters. But because the encryption process is standardized, it is possible to guess a password, encrypt it, and then search for that character string in a set of encrypted passwords.
Given enough computing power to make thousands of guesses a second, and enough time, hackers can crack almost any password that uses words from the dictionary or other common character combinations like "123456" or "qwerty."
Generally experts recommend that passwords be more than eight characters long, contain special characters like an exclamation mark and contain at least one one capital letter. Because an upper-case character is encrypted differently than the lower-case character, using a combination of them makes a password harder to crack.
LinkedIn acknowledged facing cybersecurity threats in a recent filing with the Securities and Exchange Commission. The filing stated that the LinkedIn site had experienced disruptions and even been taken temporarily offline at times by cyberattacks. Future disruptions were possible, the SEC filing warned.
© Copyright 2013 The Washington Times, LLC. Click here for reprint permission.
About the Author
By Michael P. Orsi
Edward Snowden should declare his patriotism in court
- Citing 'unfair system,' Obama commutes sentences for 8 crack offenders
- Gov't wasted $30 billion on 'pillownauts,' crystal goblets -- buying human urine!
- Homeland Security helps smuggle illegal immigrant children into the U.S.
- Bill Gates: The Secret Santa disguised as a 'friendly fellow' on Reddit
- Obamacare 'pajamas boy' gets roundly mocked
- BOLTON: Nero in the White House
- Armed response, not restrictive gun laws, brought swift end to school shooting
- Duck Dynasty Phil Robertson suspended indefinitely for gay quip
- OBAMASCARE: Huge premium hikes rock employer-insured workers
- UHLER and FERRARA: Obamacare, the end of the progressive era
Independent voices from the The Washington Times Communities
Southern Fried Politics from the Lens of a Persian-American Millennial
All of the world’s problems, solved on your back porch
Top 10 handguns in the U.S.
Extraordinary day at Redskins Park
White House pets gone wild!
Let it snow