Wednesday was a dark day for Website security. Nearly 6.5 million encrypted LinkedIn passwords, and 1.5 million encrypted eHarmony passwords were leaked onto the Internet. That brings the total to about 8 million user passwords that are now potentially compromised.
According to cybersecurity company Sophos, 5.8 million of the 6.5 million LinkedIn passwords had unique encryption codes attached onto the actual password that the user logs in with. Of those, roughly 60 percent — 3.5 million — have already been cracked by hackers, meaning those passwords are now fully exposed, and on the Web forever. We don’t yet have detailed numbers for the 1.5 million leaked eHarmony passwords, but its safe to assume that they too have been cracked at a similar rate.
So, what now? The best thing to do is to change your password for either of these services immediately. Further, if you used your LinkedIn or eHarmony password on any other website, then you should change those passwords, too. And now would be a good time to stop using the same password for multiple sites. We know, remembering all those passwords is a pain, but having quality, unique passwords for all of your services — especially those linked to your financial accounts — is absolutely necessary to protect your identity and money, and should become one of your basic safety practices, like wearing a seat belt.
Check your status
For added protection and peace of mind, you can verify whether your password was among those leaked to the Web using password management firm LastPass’ password checker. They’ve created one for LinkedIn, and one for eHarmony. LastPass will run your password against the database of leaked passwords, and see if they can find a match. It will alert you even if your password has not yet been cracked. If your password does appear in the list, then make the necessary changes mentioned above immediately — you are at risk of identity theft and more.