LinkedIn, the professional networking site, is currently investigating a rumor that a hacker has accessed company information and leaked over 6.5 million users' passwords.
A user in a Russian forum revealed recently that they were able to hack LinkedIn and access the passwords of millions of users. Those passwords were then leaked as hashwords. Although the networking site has failed to substantiate the report, some users on Twitter have stated that they believe their password is among the list of passwords that were uploaded to the internet.
"The passwords are encrypted with the SHA-1 cryptographic hash function, used in SSL and TLS and generally considered to be relatively secure, but not foolproof," Mashable reported. "Unfortunately, it also seems that passwords are stored as unsalted hashes, which makes it much easier to decipher them using pre-computed rainbow tables."
In translation, that means that the actual passwords appear to still be encoded, however using cheap and accessible software, it may not take long to retrieve the real password.
LinkedIn reported on Tuesday that the company was looking into the issue and investigating the validity of the claim. Users have been advised to change their password at current until more information is gathered. If the hacker truly has retrieved user passwords, then it is likely that he or she also has the matching user names as well, according to Cert-Fi.
LinkedIn's CEO, former Yahoo executive Jeff Weiner and founder Reid Hoffman, have yet to make any statement concerning the report asides from a Twitter comment. LinkedIn has over 160 million subscribers, half of which are in the United States. The initial reports stated that 6.46 million passwords had been hacked, which means many users who use the professional and social network often.
The current stock price of the company fell to $91.96 on Wednesday, after an opening price of $93.17.