Technologist - The FindLaw Legal Technology Blog

LinkedIn Was Hacked: Here's How to Protect Yourself

Back in 2012, LinkedIn was hacked and 6.5 million passwords were reportedly leaked. Now it looks like a few more accounts were also compromised -- almost 167 million. And the consequences of that hack are still playing out four years later.

Last week, LinkedIn announced that more than 100 million passwords and matching emails may have been leaked online. If you have a LinkedIn account, here's what you should know, and how you can protect yourself.

6.5 Million Turns Out to Be a Major Underestimate

Back in June of 2012, hackers broke into LinkedIn's network and absconded with a ton of data. That included 6.5 million encrypted passwords, which were posted on Russian hacker forums. But the 6.5 million was just the tip of the iceberg. Information on many more accounts was also lost in that hack -- virtually every LinkedIn account at the time was compromised, it turns out.

Now, hackers are trying to sell that information online for just $2,200, Vice Magazine's Motherboard reports. That data includes the emails and passwords of 117 million LinkedIn members.

Since the leak includes both your email and LinkedIn password, many users could be especially vulnerable. If you use the same password for multiple websites, hackers could be able to break into your accounts across a variety of platforms.

How to Protect Yourself

First, if you haven't updated your passwords in a few years, do so now. LinkedIn is already requiring password changes for accounts that haven't modified their log-in information since 2012. But if you used the same password on multiple websites, you should update all those passwords as well.

Now would also be a good time to install a password manager. Password manager programs can generate different, difficult-to-crack passwords for all your accounts, then keep them in order for you -- so you don't get overwhelmed by password glut. You can find them in many antivirus programs (Bitdefender and Norton both have good password managers), or you can get a stand-alone program, like Keeper Security or Password Genie.

Finally, turn on two-step verification where you can. Two-step verification means that, should you log into an account from a new computer, you'll be required to enter your password and provide some other form of verification. Usually, that means entering a code that's texted to your phone. Two-step verification is a great way to protect your accounts and make sure they're not being accessed by others. You can activate it for Google, Twitter, Bank of America -- pretty much any service that's serious about security will have a two-step option.

Related Resources: