Millions of hacked LinkedIn IDs advertised 'for sale'

   NEWS / 20 May 2016

A hacker is advertising what he says is more than one hundred million LinkedIn logins for sale.

The IDs were reportedly sourced from a breach four years ago, which had previously been thought to have included a fraction of that number.

At the time, the business-focused social network said it had reset the accounts of those it thought had been compromised.

LinkedIn now plans to repeat the measure on a much larger scale.

One expert said the service should have reset all its accounts the first time round.

LinkedIn is often used to send work-related messages and to find career opportunities - activities its members would want to stay private.

Criminals could make use of this information or see if its subscribers had used the same passwords elsewhere.

"We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords," a spokeswoman for the California-based firm told the BBC.

"We have no indication that this is a result of a new security breach.

"We encourage our members to visit our safety centre to ensure they have two-step verification authentication and to use strong passwords in order to keep their accounts as safe as possible."

Login leak

Details of the sale were first reported by the news site Motherboard.

It said the details were being advertised on at least two hacking-related sites.

A total of 117 million passwords are said to be included.

The passcodes are encoded, but in a form that appears to have been relatively easy to reverse-engineer.

LinkedIn had about 165 million accounts at the time of the breach, but the discrepancy in the figures might be explained by the fact that some of its users logged in via Facebook.

Invalidated IDs

After the breach first occurred, a file containing 6.5 million encrypted passwords was posted to an online forum in Russia.

LinkedIn reacted by saying it had invalidated all the accounts it believed had been compromised and emailed affected members saying they needed to register new passwords.

But Motherboard has tracked down one user, whose details are in the batch currently on sale, and found that the password listed for him was still active.

A security researcher who has also been given access to about one million of the advertised IDs said he believed it was "highly likely" that the leak was real.

"I've personally verified the data with multiple subscribers [of my own site] 'Have I been pwned'," Troy Hunt told the BBC.

"They've looked at the passwords in the dump and confirmed they're legitimate."

Another expert noted that the problem stemmed from the fact that LinkedIn had originally "hashed" its passwords but not "salted" them before storing them.

Hashing involves using an algorithm to convert passwords into a long string of digits. Salting is an additional step meant to stop unauthorised parties from being able to work around the process.

"A salt involves adding a few random characters, which are different on a per-user basis, to the passwords [before they are hashed]," explained Rik Ferguson, chief technology officer at the cybersecurity firm Trend Micro.

By doing this, he added, you prevent hackers from being able to refer to so-called "rainbow tables" that list commonly-used passwords and the various hashes they produce, and then see if any of the hashes match those in the stolen database.
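The difference between the two storage schemes can be seen in a short added example (not code from the article or from LinkedIn). The account names, passwords and wordlist are constructed, and SHA-256 and the PBKDF2 iteration count are assumptions chosen for illustration, since the article does not name the algorithm involved.

```python
import hashlib
import hmac
import secrets

# Constructed sample accounts: two users happen to share one common password.
USERS = {"alice": "linkedin123", "bob": "linkedin123", "carol": "Tr0ub4dor&3"}
# Constructed wordlist standing in for a precomputed table of common passwords.
COMMON = ["123456", "password", "linkedin123"]

def unsalted_hash(password):
    """Hash only, no salt: the same password always gives the same value."""
    return hashlib.sha256(password.encode()).hexdigest()

def salted_hash(password, salt=None):
    """Per-user random salt fed into a deliberately slow KDF (PBKDF2)."""
    if salt is None:
        salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest

def verify(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(salted_hash(password, salt)[1], digest)

def audit():
    """Compare how each scheme fares against one precomputed table."""
    table = {unsalted_hash(p): p for p in COMMON}  # built once, reused per user
    unsalted_db = {u: unsalted_hash(p) for u, p in USERS.items()}
    salted_db = {u: salted_hash(p) for u, p in USERS.items()}
    hits_unsalted = sorted(u for u, h in unsalted_db.items() if h in table)
    hits_salted = sorted(u for u, (_, d) in salted_db.items() if d.hex() in table)
    # Identical passwords are visible as identical rows only when unsalted.
    same_unsalted = unsalted_db["alice"] == unsalted_db["bob"]
    same_salted = salted_db["alice"][1] == salted_db["bob"][1]
    return hits_unsalted, hits_salted, same_unsalted, same_salted

if __name__ == "__main__":
    print(audit())
```

With per-user salts the table has to be rebuilt for every account, which is the cost salting is meant to impose.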

LinkedIn introduced salting after the attack, but that only benefits the login databases it generated afterwards.

"Using salting is absolutely best practice for storing passwords under any circumstances and was the case back in 2012 as well," Mr Ferguson said.

"If LinkedIn is saying now that it didn't know which accounts had been affected by the breach, then the sensible thing to have done at the time would have been a system-wide forced reset of every password."
