Quick Look Into LinkedIn’s Password Breach

[By Sudarshana Banerjee]

Reports surfaced in the European press of a packet of some 6.5 million LinkedIn passwords being up for grabs in a Russian hacker website. LinkedIn has now confirmed that indeed some of its member passwords have been breached, though the professional networking site is not saying exactly how many is the ‘some’ of the breach.

Vicente Silveira (Director, LinkedIn): We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts.

What happens next? LinkedIn members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.  They will also receive two emails from LinkedIn, the first providing details on how they can reset their passwords, and the second mail outlining why they have to. If you have a LinkedIn account, you may want to go ahead and change your password, just to be on the safe site. Especially so if your LinkedIn password is used elsewhere (online banking perhaps?)

LinkedIn says it just put in enhanced security in place, including hashing and salting of their current password databases.”It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases,” says Mr. Silveira.

Hashing changes the passwords to a different fixed-size string of data, making it very very difficult to deduce the original password in the event of a compromise. A cryptographic salt is data used during hashing to eliminate the possibility of the output being looked up in a list of pre-calculated hashes. Hashing and salting are standard password storing practices. It is not clear whether the ‘enhanced security’ was put in place after the breach, or if hackers somehow got through to 6.5 million hashed passwords and account details.


Just in

Staff say Dell’s return to office mandate is a stealth layoff, especially for women — The Register

The implications of choosing to work remotely, we're told, are: "1) no funding for team onsite meetings, even if a large portion of the team is flying in for the meeting from other Dell locations; 2) no career advancement; 3) no career movements; and 4) remote status will be considered when planning or organization changes – AKA workforce reductions," writes Thomas Claburn. 

Orkes raises $20M

Cupertino, CA-based Orkes, a company focused on the scaling of distributed systems, has raised $20 million.

Motorola Solutions appoints Nicole Anasenes to board

Motorola Solutions announced the appointment of Nicole Anasenes to its board of directors. Ms. Anasenes has over two decades of experience in leadership roles across software and services, market development, acquisitions, and business transformation.

Apple Announces ‘Groundbreaking’ New Security Protocol for iMessage — MacRumors

Apple today announced a new post-quantum cryptographic protocol for iMessage called PQ3. Apple says this "groundbreaking" and "state-of-the-art" protocol provides "extensive defenses against even highly sophisticated quantum attacks," writes Joe Rossignol.

How data collaboration platforms can help companies build better AI – HBR

By embracing data collaborations, business leaders can safely access high-quality data, avoid legal issues, gain a diverse, pluralistic, and therefore more expansive view of the world, unlocking the full potential of fine-tuned models, writes José Parra-Moyano, Karl Schmedders, and Alex "Sandy" Pentland.