Bad news for people without a single idea what their LinkedIn password even is — according to Motherboard, some 117 million LinkedIn usernames and passwords are up for sale on a Dark Web marketplace called the Real Deal, following a 2012 leak that was believed to be have exposed the login information for 6.5 million accounts. A password change is heartily recommended.
According to Forbes, a representative for the social networking site said the theft estimate had indeed inflated in the past four years, and that LinkedIn was trying to provide new passwords for those whose details had been hacked. But the damage may already be done, if for no other reason than many people use the same passwords across many of their accounts.
"The reality is, it's a breach from four years ago and some passwords won't just be valid today, they'll be valid across different sites," security expert Troy Hunt told Forbes.
According to Motherboard, an individual who goes by the name Peace has priced the account information at five bitcoins a pop, which currently shakes out to about $2,200. The details are purportedly also available on LeakedSource, a hack database that furnished Motherboard with user details for 1 million accounts. As Forbes pointed out, the scope of the attack might turn out to be greater than LinkedIn can currently guess, if that's the only data set available to the company.
"We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords," LinkedIn said in a statement. In the meantime, users should take a moment to update their passwords. Maybe choose something other than what they use for every other internet platform out there? Just a suggestion.