REFILE-Security experts say LinkedIn suffered data breach

Wed Jun 6, 2012 1:58pm EDT

By Jim Finkle and Jennifer Saba

BOSTON/NEW YORK, June 6 (Reuters) - Computer security experts in the United States and Europe warned they have uncovered evidence that the social networking site LinkedIn has suffered a data breach that compromised the passwords of an unknown number of its users.

LinkedIn said via Twitter early on Wednesday that it was "unable to confirm" that a security breach had occurred. "Our team continues to investigate," the Tweet said.

Officials with the professional networking site could not be reached to elaborate.

On Tuesday, computer security experts discovered files with some 6.4 million scrambled passwords, which they originally suspected belonged to LinkedIn members because some of the passwords included the phrase "LinkedIn," said Graham Cluley, a senior technology consultant with British computer security software maker Sophos.

When Sophos dug further, it turned out that other passwords found in the list belonged to Sophos employees who used them only to secure their LinkedIn accounts, he said. But it is possible that all or just some of those 6.4 million passwords belong to LinkedIn members, Cluley added.

The data was found on underground websites where criminal hackers frequently exchange stolen information, including scrambled passwords.

The files only included passwords and not corresponding email addresses, which means that people who download the files and unscramble the passwords will not easily be able to access any accounts with compromised passwords.

Yet analysts said it is likely that the hackers who stole the passwords also have the corresponding email addresses and would be able to access the accounts.

Marcus Carey, security researcher at Boston-based Rapid7, said he was "highly confident" that LinkedIn had been the victim of a serious breach, based on his analysis of the data posted on the forums.

He said he believed the attackers had been inside LinkedIn's network for at least several days, based on the type of information stolen and quantity of data released.

"While LinkedIn is investigating the breach, the attackers may still have access to the system," Carey warned. "If the attackers are still entrenched in the network, then users who have already changed their passwords may have to do so a second time."

Security software maker F-Secure of Finland warned LinkedIn customers to be on the lookout for scam emails that might be sent to them using data stolen from the social networking site.

"Will happen," F-Secure Chief Research Officer Mikko Hypponen said via Twitter.

LinkedIn, which had its debut last year, is an online social media company that caters to companies seeking employees and people scouting for jobs.

It has more than 161 million members worldwide. One of the Mountain View, California-based company's main initiatives is to grow internationally - 61 percent of its membership is located outside the United States.

The company was co-founded by former PayPal executive Reid Hoffman in 2002 and makes money selling marketing services and subscriptions to companies and job seekers.
