It seems that LinkedIn can't catch a break these days.
Qualys researcher Francois Pesce used open source password cracker John the Ripper to try to crack SHA-1 hashes of leaked LinkedIn passwords.
LinkedIn has finally confirmed that some of the passwords that were leaked yesterday correspond to LinkedIn accounts, and has issued a list of steps that they are taking in order to ensure that that the leak doesn't result in hijacked accounts: 1.
News that an unknown individual leaked what appeared to be a batch of 6.5 million LinkedIn passwords on a Russian forum and asked for help in decrypting them spread like fire yesterday, and the users of the popular professional social network have been urged to change their passwords.
It has been a tough 24 hours for LinkedIn. First they were accused of storing users' potentially confidential private and business information on the company servers without their knowledge, and then it has been discovered that a batch of what are allegedly the LinkedIn passwords of some 6.5 million users was published on a Russian forum.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.