– The social media service released a statement on Wednesday (May 18) to clarify that the illegal leak comes not from a new cyber attack but from a 2012 security breach, Digital Spy said.
LinkedIn says: “Yesterday, we became aware of an additional set of data that had just been released that claims to be email and hashed password combinations of more than 100 million LinkedIn members from that same theft in 2012.
An update on protecting our members: https://t.co/4a6EJW1JKJ
— LinkedIn (@LinkedIn) May 18, 2016
“We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords.”
Initial reports suggest that these password combinations and email addresses are being shopped among hackers.
A massive breach of 6.5 million encrypted user passwords occurred in June 2012, although LinkedIn says it has improved its security protocol since that time.