In 2012, around 164 million Linkedin passwords were compromised. The critical risks to the many Linkedin users wasn’t that their online ‘CV’ would be altered, rather whether they had used the same login and password on other accounts such as webmail.
Linkedin sent an email shortly afterwards to affected users urging them to change any shared passwords. Passwords from such breaches continue to appear in fake emails, such as the recent ‘webcam’ scam where the subject line contains a password that was probably used by the recipient at some point. The sender says they have used that password to hack the recipient’s computer, install malware, and record video of the recipient through the webcam. The attackers say they will reveal adult-website habits and send video to contacts unless they are sent around $1,000 NZD of bitcoin.
More recently in January, media reported that at least nine New Zealand websites were caught up in one of the biggest password security breaches of all-time. The breach known as ‘Collection #1’ contains 772,904,991 compromised accounts.
We recommend checking whether any of your organisations email addresses have been compromised in either this or any other compromise, by running a search on this website https://haveibeenpwned.com.