Hacker puts up 167 Million LinkedIn Passwords for Sale
The Hacker News Mohit Kumar
LinkedIn's 2012 data breach was much worse than anybody first thought.
In 2012, LinkedIn suffered a massive data breach
in which more than 6 Million users accounts login details, including
encrypted passwords, were posted online by a Russian hacker.
Now, it turns out that it was not just 6 Million users who got their login details stolen.
Latest reports emerged that the 2012's LinkedIn data breach may have
resulted in the online sale of sensitive account information, including
emails and passwords, of about 117 Million LinkedIn users.
Almost after 4 years, a hacker under the nickname "Peace" is
offering for sale what he/she claims to be the database of 167 Million
emails and hashed passwords, which included 117 Million already cracked
passwords, belonging to LinkedIn users.
The hacker, who is selling the stolen data on the illegal Dark Web marketplace "The Real Deal" for 5 Bitcoins (roughly $2,200), has spoken to Motherboard, confirming these logins come from the 2012 data breach.
Since the passwords have been initially encrypted with the SHA1 algorithm, with "no salt," it just took 'LeakedSource', the paid search engine for hacked data, 72 hours to crack roughly 90% of the passwords