mersenneforum.org  
Old 2012-06-07, 13:51   #12
Dubslow
I'm still really curious where xilman (et al.) found the file before a tool went up.

PS I did google it. It's a natural instinct.

PPS One of my favorite shirts was "Curiosity killed the cat, but for a while I was a suspect." Especially if the kid wearing it was particularly inclined to do stupid/dangerous stuff.

Last fiddled with by Dubslow on 2012-06-07 at 14:46
Old 2012-06-07, 14:43   #13
xilman
Quote:
Originally Posted by Dubslow View Post
I'm still really curious where xilman (et al.) found the file before a tool went up.
Old 2012-06-07, 14:48   #14
xilman
Note that the phishers are already active: http://www.bbc.co.uk/news/technology-18351986
Old 2012-06-07, 15:45   #15
voidme
I tried Googling it too and was unable to find the source material, so it's not like we didn't try, lol
Old 2012-06-07, 16:45   #16
chris2be8
Quote:
Originally Posted by xilman View Post
A few further details follow.

First, only 6.4 million password hashes have been released, out of a total of more than 150M. I have a copy of this file.

Second, only the hashes have been released (so far) and not the accounts to which they correspond.

Third, only around 250K plaintext passwords have been released in parallel with their SHA1 hashes. So far, I've only found a single file which contains about 160K of them; the others are reported to be out there but I've not yet found them.

Fourth, there are very good grounds to suspect that only those accounts accessed through an iOS app have been compromised.

My take:

First, if your password hashes to one of those in the list you should undoubtedly change your password. On Linux this can be checked with sha1sum (*).

Second, if you've used an iOS app to access LinkedIn you should probably change your password.

Third, if a list of usernames corresponding to the hashes appears and your name is in that list, you should undoubtedly change your password whether or not your password appears in the list of those recovered.


Paul

(*) I verified that the hash of my LinkedIn password is not in the list of hashes by first typing my password into a file and editing that file to ensure that there was no extraneous whitespace, including any terminal newline. Then I ran "sha1sum passwd_file" to find the hash. A quick grep for that hash in the compromised hashes file turned up nothing. I verified the procedure by using a known password/hash pair taken from the file of 160K compromised examples.
Do not assume that the hackers have released all the hashes they stole. And *do* assume they have the usernames corresponding to the hashes.

Also assume criminals will try every plaintext password that's been released or they can crack against every ID they know of at banks, PayPal, etc.

I assume you are all sensible enough to use different passwords for different sites.

Chris
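Paul's check from the quoted post (hash the password with no trailing newline, then grep the leaked list, and verify the procedure with a known pair first), as an added example that is not code from the thread. The three hashes in the sample list are constructed values for well-known test strings, not entries from the leaked file, and the file path is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread): reproduce the sha1sum-and-grep check.
# The hash list is CONSTRUCTED for this example, not the LinkedIn dump.
set -eu

HASHFILE="${TMPDIR:-/tmp}/leaked_hashes_example.txt"

# Constructed list: SHA-1 of "password", "123456" and "abc", one entry
# upper-cased because leaked lists are not always consistent in hex case.
write_sample_hashes() {
  cat > "$HASHFILE" <<'EOF'
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
7C4A8D09CA3762AF61E59520943DC26494F8941B
a9993e364706816aba3e25717850c26c9cd0d89d
EOF
}

# SHA-1 of stdin: sha1sum on Linux, shasum where sha1sum is absent.
sha1_stdin() {
  if command -v sha1sum >/dev/null 2>&1; then sha1sum; else shasum -a 1; fi
}

# Hash the password exactly as typed. printf '%s' writes no trailing
# newline, which is why Paul stripped the terminal newline from his file.
hash_password() {
  printf '%s' "$1" | sha1_stdin | cut -d' ' -f1 | tr 'A-F' 'a-f'
}

# The mistake the post warns about: hashing "password\n" instead.
hash_password_with_newline() {
  printf '%s\n' "$1" | sha1_stdin | cut -d' ' -f1 | tr 'A-F' 'a-f'
}

# Exit 0 if the hash is in the list. -i ignores hex case, -F takes the
# hash literally, -x demands a whole-line match (the list is one hash per line).
hash_in_list() {
  grep -qiFx -- "$1" "$HASHFILE"
}

# Exit 0 if the password's hash is in the list, i.e. the password is burned.
password_compromised() {
  hash_in_list "$(hash_password "$1")"
}
write_sample_hashes
# Verify the procedure with a known pair first, as Paul did with the 160K file.
password_compromised password && echo "known pair found: procedure works"
password_compromised 'correct horse' || echo "'correct horse' not in the list"
# Same password with the newline the post warns about: a different hash, missed.
hash_in_list "$(hash_password_with_newline password)" || echo "newline variant NOT found"
```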
Old 2012-06-07, 20:13   #17
ewmayer
Is anyone else annoyed at not hearing any of this from LinkedIn itself? My weekly LinkedIn Network Updates e-mail for June 5 is blissfully free of any mentions of hackery. Perhaps LNKD is playing the old-as-the-ostrich "If we pretend it never happened, we can't be held liable" game here.

Wankers.
Old 2012-06-07, 22:00   #18
KingKurly
Quote:
Originally Posted by ewmayer View Post
Is anyone else annoyed at not hearing any of this from LinkedIn itself? My weekly LinkedIn Network Updates e-mail for June 5 is blissfully free of any mentions of hackery. Perhaps LNKD is playing the old-as-the-ostrich "If we pretend it never happened, we can't be held liable" game here.

Wankers.
I closed my account and told them exactly why in the "exit interview" that they do.
Old 2012-06-08, 03:44   #19
retina
Quote:
Originally Posted by ewmayer View Post
Is anyone else annoyed at not hearing any of this from LinkedIn itself? My weekly LinkedIn Network Updates e-mail for June 5 is blissfully free of any mentions of hackery. Perhaps LNKD is playing the old-as-the-ostrich "If we pretend it never happened, we can't be held liable" game here.
Either that or they really do have their head in the sand and are not aware that a hack took place.

Either way, as you put it so succinctly, ...
Quote:
Originally Posted by ewmayer View Post
Wankers.
Old 2012-06-08, 06:21   #20
xilman
Quote:
Originally Posted by retina View Post
Either that or they really do have their head in the sand and are not aware that a hack took place.
They are certainly aware. They've made public statements about the incident. What they have not yet done is inform their customers individually.

Ernst rightly compares them with a wunch of bankers.
Old 2012-06-09, 00:32   #21
Batalov
"Eine Minuten bitte. Ich habe einen kleinen Problemo avec diese Religione"

I don't know if I should be happy or pissed. I've been honored!

I did receive a message from LinkedIn bunch of hooey bankers - just now.

And it says in part:
Quote:
We recently became aware that some LinkedIn passwords were compromised and posted on a hacker website. We immediately launched an investigation and we have reason to believe that your password was included in the post.

To the best of our knowledge, no email logins associated with the passwords have been published, nor have we received any verified reports of unauthorized access to any member’s account as a result of this event. While a small subset of the passwords was decoded and published, we do not believe yours was among them.

The security of your account is very important to us at LinkedIn. As a precaution, we disabled your password, and advise you to take the following steps to reset it. If you reset your password in the last two days, there is no need for further action.
Old 2012-06-09, 19:21   #22
ewmayer
Quote:
Originally Posted by Batalov View Post
I don't know if I should be happy or pissed. I've been honored!

I did receive a message from LinkedIn bunch of hooey bankers - just now.
I received a copy of the same message ... at 10:30pm PDT last night, nearly 36 hours after I'd already changed my password.

I repeat: Wankers.

Last fiddled with by ewmayer on 2012-06-09 at 19:21