Gameboy

June 6th, 2012 at 6:00 PM ^

How do you know leakedin.org is legit?

It could be just a honeytrap set up by the guy who stole the passwords in the first place. Sure, you don't give any other info, but the list of passwords can be then used later to use in brute force methods.

If you are worried, you should just change your passwords.

Joined: 11/28/2010

MGoPoints: 9656

LSAClassOf2000

June 6th, 2012 at 4:33 PM ^

I changed mine anyway, adding to the ever-lengthening list of passwords that I use on a daily basis. I am pretty sure that it will get to a point where I am trying to log into a site like LinkedIn with the login information I use for our customer data system. Worse, I am afraid I'll be successful doing that...

#21stCenturyProblems

Joined: 01/07/2011

MGoPoints: 130603

PeterKlima

June 6th, 2012 at 4:52 PM ^

Uncofirmed blogger brags he hacked the passowrds and no confirmation from Linkedin yet?  I'll wait to panic.

Joined: 08/24/2008

MGoPoints: -313

kvnryn

June 6th, 2012 at 5:00 PM ^

The lack of confirmation from them should not be mistaken for assurance.

See here: http://erratasec.blogspot.com/2012/06/confirmed-linkedin-6mil-password-dump.html

Also there is some question as to whether you should actually change your password yet, because if LinkedIn's system is still vulnerable, changing your password is just going to give your new password to the hax0rz.

 

I was a lucky winner in today's sweepstakes!

Joined: 06/30/2008

MGoPoints: 1202

TheFrigz

June 7th, 2012 at 1:26 AM ^

I've never understood this kind of thing.  What does the hacker get out of leaking these passwords?  Is it all just a power trip?  So many questions..

Joined: 04/09/2012

MGoPoints: 4079