
Another Hack: 117M LinkedIn Emails and Passwords - Brajeshwar
http://motherboard.vice.com/read/another-day-another-hack-117-million-linkedin-emails-and-password
======
tshtf
This is not really "Another Day, Another Hack" per the title. As the article
states, these are data from the LinkedIn breach of 2012. The response from
LinkedIn is here:

[https://blog.linkedin.com/2016/05/18/protecting-our-
members](https://blog.linkedin.com/2016/05/18/protecting-our-members)

~~~
delluminatus
Yeah, it seems like "Another Day, Another Hack" is just the name of the series
they use to cover security-breach-related news. It's unfortunate that it
confuses the meaning of the article to imply that there was literally "another
hack."

------
jtchang
Yikes. SHA1 with no salt?! If your password is under 10 characters and has no
symbols it can pretty much be cracked instantly using a standard rainbow
table:

[http://project-rainbowcrack.com/table.htm](http://project-
rainbowcrack.com/table.htm)

The SHA1 rainbow table with 10 alpha numerics is less than 1TB. This is well
within consumer range to load up into a database.

------
newman314
From Krebs,

"Inexplicably, LinkedIn’s response to the most recent breach is to repeat the
mistake it made with original breach, by once again forcing a password reset
for only a subset of its users."

[https://krebsonsecurity.com/2016/05/as-scope-
of-2012-breach-...](https://krebsonsecurity.com/2016/05/as-scope-
of-2012-breach-expands-linkedin-to-again-reset-passwords-for-some-users/)

------
retox
I just tried to change my password but the linkedin site is probably the the
worst mobile site I've ever had the misfortune of using. Spent 15 minutes and
accomplished precisely nothing.

What other options are there for looking for work that have the same reach?
I'm a Brit .net software eng looking for work in New Zealand and all the expat
sites feel like a waste of time.

------
soared
I wish there was a competitor to take advantage of articles like this.

------
akerr
We'd like to 0wn your professional network on LinkedIn!

------
socket0
On the plus side, perhaps I can now expect LinkedIn contact requests from a
better class of tech savvy scammer...

