Close  

Password breach spreads beyond LinkedIn

/ 04:17 PM June 08, 2012

WASHINGTON – More websites admitted security breaches Thursday after LinkedIn said some of its members’ passwords were stolen, and experts warned of email scams targeting users of the social network.

Security experts were warning customers of the hacked websites to be alert for fake emails which purport to warn about the breach but are in fact attempts to steal personal data, a phenomenon known as “phishing.”

ADVERTISEMENT

The US dating website eHarmony and the British-based music site Lastfm.com said their user accounts were also compromised and urged members to change their passwords.

“We are currently investigating the leak of some Last.fm user passwords,” the website blog said.

“This follows recent password leaks on other sites, as well as information posted online. As a precautionary measure, we’re asking all our users to change their passwords immediately.”

EHarmony’s Becky Teraoka said that “a small fraction of our user base has been affected” and that “as a precaution, we have reset affected members’ passwords.”

Graham Cluley of the British security firm Sophos said data from 1.5 million eHarmony passwords was uploaded to websites, “where hackers were encouraged to join forces to crack them.”

Cluley also warned users of Lastfm.com to change their passwords.

But users were also being cautioned against clicking on links that purport to be from the compromised websites. LinkedIn said it was not including any links in its warnings to customers.

Mikko Hypponen of the Finland-based firm F-Secure said a flood of such phishing emails was likely.

“First change your LinkedIn password. Then prepare for scam emails about LinkedIn password changes, linking to phishing sites. Will happen,” he said in a Twitter message.

ADVERTISEMENT

Security experts said some 6.5 million LinkedIn accounts were posted to a Russian hacker forum, but that figure was being debated Thursday.

The security firm Imperva said the evidence suggests “the size of the breach is much bigger than the 6.5 million accounts” and added that “the passwords weren’t properly protected.”

TOPICS: Crime, hacking, infotech, linkedin
LATEST STORIES
MOST READ
Don't miss out on the latest news and information.
View comments

Subscribe to INQUIRER PLUS to get access to The Philippine Daily Inquirer & other 70+ titles, share up to 5 gadgets, listen to the news, download as early as 4am & share articles on social media. Call 896 6000.

For feedback, complaints, or inquiries, contact us.


© Copyright 1997-2019 INQUIRER.net | All Rights Reserved

We use cookies to ensure you get the best experience on our website. By continuing, you are agreeing to our use of cookies. To find out more, please click this link.