A hot topic today has been the alleged hacking of more than six million LinkedIn passwords. It started as a rumour, then LinkedIn stepped in to investigate, originally stating that it was "unable to confirm that any security breach has occurred."
This is no longer the case. A new blog post from LinkedIn states that member passwords have indeed been compromised. No numbers have yet been confirmed by LinkedIn with regards to the breach.
"We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts," the company affirms. "We are continuing to investigate this situation." LinkedIn lays out some advice for users:
Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid. These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in these emails. For security reasons, you should never change your password on any website by following a link in an email. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.
LinkedIn also says that it has implemented "enhanced security" measures, "which includes hashing and salting of our current password databases."