6.5M LinkedIn passwords leaked

One of the first things Internet users do when they sign up for a new service, or become a member of a website, is register a password they believe to be unique. This password is often the main form of visible security users have, and they trust websites with them. If a hacker gets hold of a password, it’s a big problem. This recently happened to LinkedIn users.

LinkedIn is a popular social media site that caters to professionals and helps them to network and find jobs. In the past few days, news stories have emerged about how members’ passwords were leaked online.

How passwords work
The password you enter to access a website like LinkedIn acts as a handshake to confirm that the user trying to access the account is who they say they are. Remember the last time you signed up for a new account, and had to enter the password you’re going to use? The owner of the website stores that password in a, normally encrypted, file and tells the Web page to reference this file when you log in. If the passwords match, you’re allowed in. If not, you get the password error page.

What happened?
A hacker discovered a way to exploit the calendar feature in the LinkedIn mobile app. Basically, when the calendar in LinkedIn was updated, the information, including your password is encrypted and sent to LinkedIn’s servers, which then update your profile with the information. The hacker developed a way to grab the encrypted password data for around 6.4 million users.

The hacker then published the encrypted passwords online for other people to decrypt. LinkedIn has released an update to the mobile apps to plug this leak, but the passwords are still online.

What does this mean for me?
The chances of your account’s password being among the ones leaked is pretty small. However, if your password was posted, someone with programming and encryption knowledge could decipher it, and gain access to your account. If this happens, this poses a security risk as they will be able to access any and all data you have stored on that account. Beyond that, if you use the password for other accounts, they could gain access to them also.

How do I know if my password was compromised?
LinkedIn knows of the leak and has taken steps to minimize the damage.

  1. When you next try to log in to your LinkedIn account, you’ll get a message telling you the password no longer works.
  2. LinkedIn has emailed users whose passwords have been leaked informing them to change their password. This email has no links in it, so if you get an email supposedly from LinkedIn with links to change your password, DON’T click on the link. There have been reports of such emails (with links) being sent out. These emails are phishing schemes which aim to steal your password.
  3. LinkedIn will send you a follow-up email explaining more about what happened and why you were asked to change your password.

Alternatively, you can go to lastpass.com and test your password.

If you haven’t received an email, your password probably wasn’t leaked. We do suggest that, for security reasons, you change your LinkedIn password as soon as you can. You can do this by:

  1. Going to LinkedIn’s website and logging in.
  2. Hovering your mouse over your name in the top right corner of the window and selecting Settings from the drop down menu.
  3. Clicking on Account located in the pane underneath your profile picture. If you don’t see Account click on the grey shield icon.
  4. Selecting Change password and following the instructions.

If you feel that your accounts are unsecured, or would like to enhance your current security, please contact us. We may have a solution for you.

Print from iPad, no strings attached

When Apple released the first iPad, the business community knew, almost straight away, that it was the next step in the evolution of computing. Three versions later and the number of managers and business owners using their iPad for business purposes has done nothing but increase. While it’s great, it’s not perfect, and one thing the iPad could improve upon is its integration with printers.


Microsoft Word keyboard shortcut roundup

Microsoft Word is probably the most widely installed program that’s not an operating system. It’s become so ingrained in computing culture that other word processing programs have a tough time competing, and have had to include the ability to read and edit Word documents. Of Word’s many features, keyboard shortcuts are among the most useful.


Killer Office hacks - Android tablet

As Android tablets become more commonplace in the business environment, many managers are finding that they want to edit and view documents, presentations and spreadsheet files on the tablet. Many, if not all, managers use Microsoft Office as their main office suite which poses a problem, as there’s no official Microsoft Office app for the tablet.


Minimize risk by backing up data

Business Continuity Planning (BCP) – a plan on how to keep your business operational during any adverse conditions – is an important process that every small business should implement. One of the major aspects of this is where you should backup your business’s data. Having a backup of your data is like an insurance plan for your company, with it, you’ll be able to keep operating during adverse conditions.