Last month, LinkedIn was involved in a big breach affecting 164 million user accounts, and LinkedIn had used very weak encryption to store password data.

As of last week, the entire list of usernames and passwords has been decrypted and published online for anyone interested to see. There has been at least one large-scale exploitation of this data reported.

Am I affected?

If you have a LinkedIn account, the chances are good that your email and password are now in the public domain.

To find out if you are affected, you can check your email address(es) here: https://haveibeenpwned.com/ (this is a safe site that also searches other historic breaches like MySpace, Adobe, tumblr…)

Help! My account was in this breach

If the above site lists you as affected, there are some steps you should take:

  • Change your LinkedIn password ASAP.
  • If you used the password in other places (Active Directory, Facebook, Gmail, e-banking, etc.) you should change it there too.
  • Above all, make sure your email accounts use a different password than everything else. If one account gets hacked then someone can use your email account to access any other account linked to it.