LinkedIn Blocks User Passwords Involved in Gawker
LinkedIn is disabling passwords of users whose e-mail addresses were included in the customer data that was exposed in an attack on the Gawker blog sites.
The professional-networking site is taking this action to prevent any of its customers from having their LinkedIn accounts hijacked in the event that they used the same password that they used on any of the Gawker sites.
"There is no indication that your LinkedIn account has been affected, but since it shares an e-mail with the compromised Gawker accounts, we decided to ensure its safety by asking you to reset its password," the company said in an e-mail to users today.
To reset your LinkedIn password, go to the Web site and click on "Sign In" and "Forgot Password?" and follow the directions.
Gawker's Web site and back-end database were compromised, and passwords, usernames, and e-mail addresses for about 1.3 million user accounts were posted on the Pirate Bay Bit torrent site over the weekend. The passwords were encrypted with technology. However, weak passwords can easily be cracked by brute force attacks. (To find out how to check if you are at risk and get more details about the incident read this FAQ.)
People who use the same password on multiple sites are at risk of having their accounts on those other sites compromised. This happened already on Twitter, with some accounts being used to send spam shortly after the Gawker breach was publicized.
Security experts urge people to choose strong passwords, to change them often and to not use the same password on multiple sites.
Return to security news headlines
View Security News Archive