Remember when LinkedIn was hacked a few years ago and the company confirmed that login credentials and other data belonging to 6.5 million accounts were stolen? Well, it turns out that figure might have been a little low. OK it was very, very low — it looks like hackers managed to steal data from not 6.5 million, and not even 65 million, but just over 165 million accounts.
In other words, it’s time to change your LinkedIn password immediately.
LeakedSoure updated an earlier report on Thursday night with the news that username and password data from a grand total of 167,370,910 accounts that have now been obtained by the site. Those credentials are actively being sold on the black market, which means that impacted users are at risk.
Wondering how to figure out if you’re one of the LinkedIn users impacted by this massive breach? Well, stop trying to figure it out and just change your password immediately. Seriously, change it right now.
It’s always a good idea to change your passwords regularly and to never, ever use the same password for two different accounts. And no, you shouldn’t paste all those different usernames and passwords into a plain text file so you can remember them. Instead, use a secure password manager that can sync your passwords across all devices and keep them safe but easily accessible. We highly recommend 1password.
Speaking of bad password practices, LeakedSource has published a table showing the most commonly used passwords on LinkedIn and it’s just as bad as you think it might be. The most commonly used password is “123456” — cringe — and it was found on 753,305 accounts. The second most common password was “linkedin” —cringe again — which was used on 172,523 different accounts, and then “password” — seriously, we give up — on 144,458 accounts.
Here’s a top-10 list for you:
Hopefully your password doesn’t appear on that list but either way, you would be wise to change your LinkedIn password immediately.