A Russian forum member claims to have stolen 6.46 million encrypted LinkedIn passwords and posted them online, according to Finnish security firm CERT-FI. The passwords are encrypted with SHA-1, and although it is very secure, around 300,000 of the weaker passwords may have already been exposed. The social networking site announced on Twitter that it is looking into the incident. “Our team is currently looking into reports of stolen passwords,” the company said. “Stay tuned for more.” It is recommended that LinkedIn users change their passwords as a precautionary measure.
UPDATE: LinkedIn has confirmed the breach in a post on its blog, and stated that “some” passwords were compromised.
[Via ZDNet]