117 Million Hacked LinkedIn Accounts Are Being Sold On The Dark Web

Update: LinkedIn isn't the only social network that got hacked around 2012. If you used MySpace or Tumblr before 2013, there's a good chance your login credentials may have been hacked. If you're still using that same ol' password, now's a really good time to ditch it. To see whether your email address has been involved in any notable hacks, you can enter it on this website. This story was originally published on May 18, 2016. It looks like an old LinkedIn security breach may have been more serious than anyone initially realized. Four years ago, LinkedIn was hacked. Immediately following this event, the website reported that it had reset the compromised accounts. Problem solved, right? This week, however, LinkedIn confirmed that the 2012 breach was much more significant than it originally thought. Initially, the business-oriented social network reported that only 6.5 million usernames and passwords had been leaked as a result of the 2012 hacking. In fact, the number was much higher. 117 million LinkedIn IDs from the hack were recently discovered up for sale on a dark web market known as TheRealDeal. LinkedIn says it will repeat the resetting measures taken four years ago, albeit this time on a much larger scale.

A LinkedIn spokesperson told the BBC, “We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords.” LinkedIn is now advising that members visit the website's safety center to ensure that they have two-step verification authentications, and are using strong passwords, which will help keep accounts as secure as possible. The question remains whether LinkedIn knew how extensive the 2012 breach was, and if so, why they didn't implement a system-wide password reset at the time. In any case, now's a good reminder about the importance of good security and password practices.