A total of over 6.5 million encrypted passwords from LinkedIn, a popular online business contact social networking site, were leaked to the Internet by an anonymous hacker. After the coded passwords were posted to various websites, the electronic burglar pleaded with his fellow hackers to try to decode the ciphered information. Passwords from eHarmony are suspected of being leaked as well.
The hacker posted a “help me” message on the forums of InsidePro, an online business that helps individuals and companies recover encrypted passwords. Within hours, over 76 percent of the passwords from the leaked list were unlocked by several forum members.
The hacker stated:
"Please help to uncrack [these] hashes. All passwords are UPPERCASE."
Hashes are mathematical formulas that are used to turn plain text into numbers for the purpose of security and encryption.
The good news
The massive amount of passwords leaked to the Internet connected to LinkedIn and eHarmony is bad news for these companies as it not only represents a public relations nightmare for them, it also means that critics of the security measures used by these websites have added fuel to the complaint fires.
But if there is any good news to this, the passwords that were cracked cannot be traced back to any users. The passwords exist on their own without any connection to the original account holders or login names.
Word of caution
Although the passwords cannot be pin downed to their users, security experts are advising that users on LinkedIn or eHarmony change their password information just in case.
(For a free subscription to the latest news on Gadgets and Tech from Frank, click here. You can also rattle his cage at franksfgadget [at] gmail.com).