• 05.18.16

117 million LinkedIn logins are up for sale on the dark web

Turns out a 2012 hack was much bigger than LinkedIn thought. The account information—specifically email addresses and passwords used to log onto LinkedIn—is being sold for over $2,200. 

The data dump supposedly includes information for 167 million accounts, though passwords have only been included for 117 million. 

In a statement to Ars Technica, LinkedIn insisted this was not a new breach: 

In 2012, LinkedIn was the victim of an unauthorized access and disclosure of some members’ passwords . . . Yesterday, we became aware of an additional set of data that had just been released that claims to be email and hashed password combinations of LinkedIn members from that same theft in 2012. We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords. We have no indication that this is a result of a new security breach.