Have I Been Pwned? LinkedIn password breach worse than reported


The last week has seen a disconcerting trend of social networking data breaches, culminating in the largest leak of email addresses and passwords of all time.

If you created an account with one of the social networking sites LinkedIn, Tumblr, Fling or Myspace between 2012 and 2013, your data could very well have fallen victim to these breaches.

However, all the reporting of these security issues misses the bigger issue. Because passwords are reused again and again across the internet, it is your other online accounts that could be compromised!

It all started with a security issue flagged by the professional networking site LinkedIn on May 17th. In a statement released by their legal support team, they made clear that the hack itself dated back to 2012, with the data lying dormant all that time. The data divulged included 167 million member email addresses and passwords, all for accounts that were created prior to the 2012 breach. The response by LinkedIn was swift and immediate. All passwords for accounts created prior to the 2012 breach were invalidated and account holders were notified to set new ones.

That was far from the last of such dramas. Yesterday the internet was shaken to the core by the news that three other notable social networking sites had had their valuable data breached and released on the dark web, offered up to the highest bidder. The compromised data included 65 million Tumblr member email addresses and passwords, dating back to February 2013; 40 million from the sordid Fling network; and a whopping 360 million from the once online networking behemoth, Myspace. All in all, this rounds out the single largest online data leak in internet history.

This disturbing trend has many experts entirely perplexed. One such expert is Troy Hunt, founder of the data breach search service Have I Been Pwned? In his personal blog entry, ‘The Emergence of Historical Mega Breaches’, he questions the timing and objective, and whether this will be the last of such colossal breaches. He sees the leaked information as a reflection “..of the reality that we’re a couple of decades into the modern internet” and doubts that such security issues will subside anytime soon.

If you did indeed have an account on any of the above-mentioned social networking sites during the period in question, it is highly likely that your data was susceptible to the leak.

To find out for certain, simply enter your email and/or username directly into Have I Been Pwned?’s website.

If you have in fact been a victim, it’s imperative to immediately change the passwords on any other online services where you’ve used the same password as the hacked account. The security matter doesn’t start and end with the leaked data from those particular social networking sites. It could be much more far-reaching, depending on how stringent and secure you have been with your passwords in the past.
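The check described above, as an added example that is not part of the original post: given a password-manager export, it lists the other accounts whose password is the same as, or similar to, one used on a breached site. The CSV layout, the sample rows and the `stem` similarity heuristic are assumptions made for this example.

```python
import csv
import io
import re
from collections import defaultdict

# Sites named in the article as breached (matched against the "site" column).
BREACHED_SITES = {"linkedin.com", "tumblr.com", "fling.com", "myspace.com"}

# Constructed sample of a password-manager CSV export; not real credentials.
SAMPLE_EXPORT = """site,username,password
linkedin.com,alice@example.com,Sunshine12
tumblr.com,alice@example.com,tumblr-Only-9f!
bank.example,alice@example.com,Sunshine12
mail.example,alice@example.com,sunshine2016!
shop.example,alice@example.com,kV7#pq-unique
"""

def stem(password):
    """Comparison key for 'similar' passwords: lower-case, then strip leading
    and trailing digits/punctuation, so 'Sunshine12' and 'sunshine2016!'
    collide. A heuristic assumed for this example."""
    return re.sub(r"^[\W\d_]+|[\W\d_]+$", "", password.lower())

def accounts_to_rotate(export_text, breached=BREACHED_SITES):
    """Return {site: reason} for non-breached accounts whose password is
    identical or similar to one used on a breached site."""
    rows = list(csv.DictReader(io.StringIO(export_text)))
    exact, similar = defaultdict(set), defaultdict(set)
    for r in rows:
        if r["site"] in breached:
            exact[r["password"]].add(r["site"])
            similar[stem(r["password"])].add(r["site"])
    findings = {}
    for r in rows:
        if r["site"] in breached:
            continue  # breached accounts themselves always need a new password
        key = stem(r["password"])
        if r["password"] in exact:
            findings[r["site"]] = "same as " + ", ".join(sorted(exact[r["password"]]))
        elif key and key in similar:  # ignore empty stems (all-digit passwords)
            findings[r["site"]] = "similar to " + ", ".join(sorted(similar[key]))
    return findings

if __name__ == "__main__":
    for site, reason in accounts_to_rotate(SAMPLE_EXPORT).items():
        print(f"change password on {site}: {reason}")
```

Run it only on a machine you trust, and delete the plaintext export afterwards.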

It’s times like these that serve as a reminder to consistently keep all of your passwords separate and differentiated. Although, I’m sure you’d have previously read our blog post on the matter and such a suggestion was not needed!

Contact us or your local IT Support provider for any more information on the matter.



UPDATED 7th June 2016


Since the publishing of this article last Wednesday, our prediction that other online accounts could be compromised due to re-used passwords did, in fact, come true. TeamViewer, a remote access support system, observed suspicious behaviour early Saturday morning, which quickly led them to conclude that passwords that had been re-used from LinkedIn, Tumblr and Myspace between 2012 – 2013 provided hackers with an ‘in’ to TeamViewer financial accounts.


At risk of sounding like a broken record, let us just reiterate the fact that you should not, under any circumstances, repeat and reuse the same passwords, for this exact reason.

Visit Ars Technica’s site to learn more about TeamViewer’s response to the security breach and to keep educated on developments as and when they happen.


UPDATED 23rd June 2016

 

The fallout continues. Carbonite users have received a proactive email from the cloud backup provider, which noticed unusual hacker activity on its network. Carbonite have taken the precaution of resetting their users’ passwords in order to protect them. They state in the email:


This activity appears to be the result of a third party attacker using compromised email addresses and passwords obtained from other companies that were previously attacked.


There is no doubt the “other companies” Carbonite is referring to is LinkedIn. 


I’ll continue to reiterate the fact that you should not, under any circumstances, repeat and reuse the same passwords, for this exact reason.

Here is the email from Carbonite in full:

Hi,

For your protection and the safety of your data, we have reset the password on your account. To access your account, you must choose a new, secure password.

This action is being taken proactively and at this time there is no evidence to indicate that your account or data have been compromised. Your backups are safe and your regular backup schedule will continue.

What Happened
As part of our ongoing security monitoring, we recently became aware of unauthorized attempts to access a number of Carbonite accounts. This activity appears to be the result of a third party attacker using compromised email addresses and passwords obtained from other companies that were previously attacked. The attackers then tried to use the stolen information to access Carbonite accounts. Based on our security reviews, there is no evidence to suggest that Carbonite has been hacked or compromised.


What Information Was Involved
While we will continue to monitor and investigate the matter, we have determined that some usernames and passwords are involved. Additionally, for some accounts, other personal information may have been exposed.


What We Are Doing
To ensure the protection of all our customers and the safety of their data, we are requiring all Carbonite customers to reset their login information. Our Customer Care team is standing by to assist anyone who needs additional help. This activity in no way affects existing or scheduled backups. Files are still being safely backed up.

In addition to our existing monitoring practices, we will be rolling out additional security measures to protect your account, including increased security review and two-factor authentication [which we strongly encourage you to use].

What You Should Do
Use the link above to reset your password. We highly recommend using “strong” unique passwords for Carbonite and all online accounts. Learn more about strong passwords at www.carbonite.com/safety. If you use the same or similar passwords on other online services, we recommend that you set new passwords on those accounts as well.

For more information please contact Customer Care at https://support.carbonite.com/.
Sincerely,
Carbonite Customer Care


 


