View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

117 million stolen LinkedIn user emails and passwords sold on Dark Web

News: Hacker claims details were taken during cyber attack in 2012.

By Alexander Sword

A hacker claims to have captured account information of millions of LinkedIn users and is selling it online.

A news update posted by LinkedIn says that an additional set of data claiming to be email and hashed password combinations of over 100 million LinkedIn members had now appeared online.

These credentials were claimed by the hacker to be from a 2012 attack on LinkedIn, as a result of which the company advised all members to change passwords and provided a mandatory reset for all accounts believed to be compromised.

According to MotherBoard, the data is being sold on the dark web illegal marketplace The Real Deal for 5 bitcoin, worth around $2,200, by a hacker using the name ‘Peace’.

MotherBoard said that in addition to Peace, paid hacked data search engine LeakedSource claims to have obtained the data.
LinkedIn said that there was no evidence that this had been the result of a new breach.

The social network said that it was taking "immediate steps to invalidate the passwords of the accounts impacted" and added that members who had been affected would be contacted and asked to reset their passwords.

The main dangers of a breach like this are not so much the data stored in LinkedIn accounts, mostly generic employment information, but the associated data.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

"The most valuable data in the LinkedIn compromise may not be the passwords at all, but the enormous registry of email addresses connected to working professionals," said Tod Beardsley, Security Research Manager at Rapid7.

"For several years, we have hashed and salted every password in our database, and we have offered protection tools such as email challenges and dual factor authentication," LinkedIn wrote in the post on the site.

"We encourage our members to visit our safety center to learn about enabling two-step verification, and to use strong passwords in order to keep their accounts as safe as possible," said LinkedIn.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.