Time has come for password change on LinkedIn …. as millions of passwords are posted on a Russian hacker website.
Few details so far:
- The data leaked is a file of SHA1 hashes
- The data have been first posted on a Russian hacker website
- There are 3,521,180 hashes that begin with 00000. Probably marked to cracked(reversed user’s password).
- The file does not contain duplicates. LinkedIn claims a user base of 161m. This file contains 6.4m unique password hashes. That’s 25 users per hash. Given the large amount of password reuse and poor password choices it is not improbable that this is the complete password file.