6.5 MILLION LINKEDIN PASSWORDS HACKED

It looks like LinkedIn has become another target of hackers, with over 6.5million passwords hacked and leaked to the web. Specifically, the hacked passwords are unsalted SHA-1 hashes, which are easily crackable; e-mail addresses were not hacked. (Leaked password hashes can be downloaded

via-torrent at: http://thepiratebay.se/torrent/7334168/Linkedin_SHA1_passwords ) For any LinkedIn users out there, if you want to check if your password was one of the many hacked, you have a few options. You can visithttp://leakedin.org/ and type in your password or SHA-1 hash, and their script will check the hash list for a match. Alternatively, you can download the above list of hashes and check yourself with the following PHP code (for mac users, you can type the following code directly into the terminal. Make sure to replace "password" with your password.)

php -r 'echo sha1("password") . "\n";'

If you don't find it, then replace the first five characters of your hash with a 0, and check to see if that is in the dump. If that is, it means they have cracked it. If neither are there, it means you're safe. If you're password is apart of the hacked list, it is HIGHLY RECOMMENDED that you change that password on any other service where you use it. Because this password list is out, they'll most likely be added to improve rainbow tables and dictionaries used to bruteforce passwords, thus rendering that password unsafe to be used anymore.