Forgot your password?
typodupeerror
Security IT

LinkedIn Password Hashes Leaked Online 271

Posted by Unknown Lamer
from the at-least-they-weren't-plain-text dept.
jones_supa writes "A user in a Russian forum is claiming to have hacked LinkedIn to the tune of almost 6.5 million account details. The user uploaded 6,458,020 SHA-1 hashed passwords, but no usernames. Several people have said on Twitter that they found their real LinkedIn passwords as hashes on the list. The Verge spoke with Mikko Hyppönen, Chief Research Officer at F-Secure, who thinks this is a real collection. He told us he is 'guessing it's some sort of exploit on their web interface, but there's no way to know.' We will have to wait for LinkedIn to report back to be sure what exactly has happened." An anonymous reader tipped us to related news: The LinkedIn iOS application harvests information from your calendar and transmits it to their servers unencrypted.
This discussion has been archived. No new comments can be posted.

LinkedIn Password Hashes Leaked Online

Comments Filter:
  • by fuzzyfuzzyfungus (1223518) on Wednesday June 06, 2012 @09:12AM (#40231887) Journal
    Haven't you always wanted to forge closer ties with the dynamic marketing and legal-arbitrage entrepreneurs at the Russian Business Network? Now, LinkedIn is proud to announce your exciting, and mandatory, chance to do just that!
    • But, where is the leaked list ?

  • Plain text (Score:5, Funny)

    by Anonymous Coward on Wednesday June 06, 2012 @09:15AM (#40231913)

    This sort of vulnerability is exactly why I avoid storing passwords in hash form. I always store passwords in plain text form. It's much more secure.

  • Good! (Score:5, Funny)

    by OakDragon (885217) on Wednesday June 06, 2012 @09:15AM (#40231915) Journal
    Maybe I can find mine, I can't remember it!
  • I haven't logged into linkedin for so long, that I don't remember my password anymore.
    And I blocked emails from *@linkedin.com as spam, because, well, they're basically all spam. I can't be bothered to unblock and do email based password recovery.
    Could some Russian friend please look up my password for me, and reply back?
    K thx bye

  • What are you going to do with millions of password hashes, even without usernames none the less?

    • Re:So what? (Score:5, Insightful)

      by DocSavage64109 (799754) on Wednesday June 06, 2012 @09:23AM (#40232025)
      If he has the password hash, then he most likely also has the username. He just didn't share them with the rest of the world and is likely trying to sell them.
    • by vlm (69642)

      What are you going to do with millions of password hashes, even without usernames none the less?

      I've occasionally daydreamed a fun academic paper would be to collect sets of password hashes, rub them up against a rainbow table, and make graphs and correlations and wild assumptions about the correlation coeff of IQ and rate of easily cracked pwd vs site etc etc. Sounds like fun so its probably been done before.

    • Re:So what? (Score:5, Insightful)

      by cryptizard (2629853) on Wednesday June 06, 2012 @09:54AM (#40232437) Homepage
      People use these kinds of leaks to generate statistically sorted dictionary files for password breaking. The most commonly used (in the real world, as evidenced by these leaked databases) passwords are put at the front so you try all the more likely ones before moving on to the random guessing.
      • Replying to myself, in this case you can only get information about passwords that you are actually able to break (i.e. the easy ones), but it can also be useful as an academic analysis of password complexity in real applications.
      • Question - how do you get passwords back from one-way hashes, given that each hash can be generated from an infininate number of original values?

        • by tibman (623933)

          You generate hashes until you match the target hash. It's possible that your original value is different than the actual password. But they hash the same so it doesn't matter : )

        • "Rainbow Tables" attack: https://en.wikipedia.org/wiki/Rainbow_tables [wikipedia.org]
        • If the site uses a single salt for all passwords, then as soon as you crack user A's password, you have user X, Y & Z passwords because they have the same account hash. (In fact, you would specifically target any hashes which appear more then once.)

          The initial break of the hash is either done via a pre-gen rainbow table (which contains pairs of passwords and their hashes) or by brute-force approach (work through possible passwords, hash them, compare against the list of hashes, spit out the matches).
    • by chill (34294)

      LinkedIn uses e-mail addresses as usernames. Getting access to a crapload of valid e-mail addresses to test against is trivial.

    • by tgd (2822)

      What are you going to do with millions of password hashes, even without usernames none the less?

      How do you suppose all the people mentioned on Twitter who verified their passwords in the list were correct did so if they couldn't find their hash in the list?

      Of bigger concern to me is not the loss of the passwords, but the loss of the e-mail addresses (usernames). That's a VERY long list of valid, valuable e-mail accounts.

  • Colour me surprised! (Score:5, Interesting)

    by rogueippacket (1977626) on Wednesday June 06, 2012 @09:19AM (#40231971)
    If you install any app on your mobile device - especially those which thrive off of your data - don't be surprised if it's actually siphoning it off in the background. If groups like Facebook and LinkedIn simply wanted you to access the service remotely, they would just stick to HTML5. Instead, apps give them unfettered access to your contacts, calendar, location, and everything else on your personal device, regardless of platform.
    Just remember, it has never been about convenience to the user, and always profitability to the provider.
    • by fuzzyfuzzyfungus (1223518) on Wednesday June 06, 2012 @09:27AM (#40232083) Journal
      The surprising thing is not that Social 2.0 Mobile Enterprise BuzzCloud App-centric bullshit is shoving everything that it can get its sticky little fingers on to every 3rd party with questionable security and a dire privacy policy that it can find; but that they seem to be so incompetent at it.

      Exfiltrating the data in the clear is certainly easy enough(luckily 'mobile' frequently means 'even if I were competent enough, my crypto-crippled appliance wouldn't let me control outbound traffic anyway') but it makes it likely that, sooner or later, somebody is going to sniff some packets at their router and we'll get a little story about exactly how much exfiltration your ghastly little app is doing.

      It's like corruption. Even when everybody knows that it is happening, it is still considered crass to get caught with your hand in the cookie jar. You are supposed to pretend to care.
    • by Bogtha (906264)

      If groups like Facebook and LinkedIn simply wanted you to access the service remotely, they would just stick to HTML5.

      That's a ridiculous thing to say. There are a lot of factors that go into deciding between a native and a mobile web app, and it certainly doesn't simply boil down to "they want to steal your data".

      apps give them unfettered access to your contacts, calendar, location, and everything else on your personal device, regardless of platform.

      Again, you don't know what you are talking abo

  • by Rob Riggs (6418) on Wednesday June 06, 2012 @09:24AM (#40232035) Homepage Journal

    "Harvested" -- I love it!

    "Bernie Madoff harvested money from his investors."

    "H.I. harvested diapers from the convenience store."

    "LinkedIn harvested private data from my phone."

    They're doing you a favor by "harvesting". Because it's not doing anyone any good if it remains "unharvested".

    • by Ksevio (865461)

      You can also use "leaked" in the reverse sense!

      "Investors leaked money to Bernie Madoff"

      "The convenience store leaked diapers to H.I."

      "My phone leaked private data to LinkedIn"

    • by tringstad (168599)

      What are you suggesting it is a euphemism for?

      We can't call it stealing while simultaneously taking the stance that copying MP3s (or any other data) isn't stealing because the original data has not been lost to the original owner.

  • by Anonymous Coward on Wednesday June 06, 2012 @09:25AM (#40232049)

    As an IT/security guy reading about these seemingly constant ongoing password change requests, I can't help but think that the problem lies not only with how many special characters we're using in our passwords, or whether or not we're using our pet's name, but more so in how the infrastructures of all of these magically eutopian social networks are storing this information. Correct me if I am wrong, but haven't the majority of the recent problems that have forced us all to change our passwords, whether it is LinkedIn, World of Warcraft or whatever been due to leaks from the back-end, not poor Johnny at the keyboard giving it to Ivan the hacker (no offense to the real Ivans or Johnnys)? Kind of like having to keep replacing the car tires because the roads are made of broken glass. Its not my fault, but I have to suffer. It would seem we need to put more PCI/SOX/whatever-like standards in place to better protect and mandate how our information is stored as more and more encouragement is put in place to unzip our metaphorical zippers online.

    And for the record, I am not an anonymous coward, but I forgot my password and my email isn't the same as it was 8+ years ago when I set up my slashdot account...

    ignorance is bliss in this case :)

    • by fuzzyfuzzyfungus (1223518) on Wednesday June 06, 2012 @09:29AM (#40232109) Journal
      Are you suggesting that power should be accompanied by responsibility?

      Why do you hate America, you godless communist?
    • by AbRASiON (589899) *

      I really hate to link xkcd but they are on the money with this one.
      http://xkcd.com/936/ [xkcd.com]

      I'm getting tired of having to have ridiculous passwords, now I'm just either ALWAYS making the first character an uppercase because it's easier, or doing quick pattern based passwords for the ultra fussy systems.
      123qwe!@#QWE - that's surprisingly quick to input yet keeps those stupid systems quiet.

      • I really hate to link xkcd but they are on the money with this one.
        http://xkcd.com/936/ [xkcd.com]

        I'm getting tired of having to have ridiculous passwords, now I'm just either ALWAYS making the first character an uppercase because it's easier, or doing quick pattern based passwords for the ultra fussy systems.
        123qwe!@#QWE - that's surprisingly quick to input yet keeps those stupid systems quiet.

        They can have my linked-in hash. Based on a similar pattern is should take 11945132084526 centuries to crack according to passfault [appspot.com].

        For the lame systems that insist on bad passwords, I just generate something random in keepassX

    • by Xenna (37238)

      No, it's a good idea to force users to have different types of characters in their passwords. That's exactly because of this kind of thing. The way to break hashed passwords is to use a precomputed rainbow table. That's typically a list of all possible passwords of a certain length range with the matching hashes. If you have that, cracking is easy, just a quick lookup.

      Now, the problem with rainbow tables is that they are pretty big (starting with hundreds of GB's). That's big, but not that big these days. I

  • by Sir_Sri (199544) on Wednesday June 06, 2012 @09:28AM (#40232093)

    This would seem to raise two questions. the first is whether or not usernames can be tied to their corresponding hash. Even if they can't that's not a hugely difficult problem to overcome though.

    The more serious question is how good is SHA 1 then. A database like this (a table of hashes) is what you'd expect someone could hack from a reasonably secure system (although you would have wanted to see some salting as well as hashing but either way). Having a hash of a password doesn't mean you can regenerate the password. If your password is subject to a simple dictionary attack then sure it can be regenerated, you're pretty much doomed, but you're not much more doomed than you were before. A strong password... now that's where this gets interesting. The question is whether or not there are vulnerabilities in SHA 1 that will let you regenerate good passwords (or even bad passwords that aren't dictionary attacks).

    If you had a strong password, and SHA 1 is robust enough you could die of old age before anyone manages to figure it out. If SHA 1 has meaningful holes in it... well that's not so good.

    Also, linkedin has 160 million users (or at least accounts) if not more than that. So their full database would be significantly larger than this. It will be interesting to know if this is a particular subset of the data (all iOS users, all android 2.3.2 users, all chrome users, that sort of thing) or something else. Purely hypothetically this could be all of the really early linked in users that haven't changed passwords since they implemented SHA 2 if they ever did for example, or it could be a particular version of the website fails.

    People on twitter finding their password doesn't mean a whole lot, unless you know the password was strong and unique, and where those users are from, and when they joined linkedin.

    • by jrumney (197329)
      How strong strong passwords are doesn't really matter. Enough people on linkedin will have weak passwords that spammers will be queuing up to get their hands on a new "trusted" delivery mechanism for their wares.
      • by Sir_Sri (199544)

        ya but without any easy way to tie passwords to accounts there's nothing new there. Yes, lots of accounts on web services have bad passwords, that's not news to anyone.

    • by Bengie (1121981)
      I don't use SHA1

      Pseudo-code:
      PasswordHash = SHA512(MergeArray(txtPassword.GetBytes(),Salt[]))
      Where Salt[] is a Cryptographic.RNG.GetBytes(32), which is stored in the DB and generated new every time the password is set.
      • by Sir_Sri (199544)

        Nor should you.

        That was my point with the blurb as to whether or not this might be a specific problem. Linkedin has been around since 2003, it's not inconceivable that they would have used SHA 1 in 2003, or in some countries for some circumstances etc.

    • by AmiMoJo (196126)

      The wonderful thing about having 6.5 million password hashes to play with is that a simple dictionary attack will probably get you a couple of million plaintext ones within hours. No need to look for weaknesses in SHA 1, just like there is no need for the cheetah to catch the gazelle at the front of the pack when there are plenty of easy pickings at the back.

      • by Sir_Sri (199544)

        Sure. But people with trivial passwords never had any hope of security anyway, we can discount those accounts and identities and write them off with or without this leak. It's everyone else I'd be worried about.

  • The LinkedIn iPad app is supposedly 95% HTML5 [venturebeat.com]. Makes me wonder how suitable it is as a "platform" handling sensitive data.

  • I don't know how LinkedIn's login APIs work, but if they use secure user/pass logins and store authentication tokens on the client side as is good practice then in theory exposing these server side generated hashes wouldn't really compromise the system. The problem is that SHA-1 has been broken :( So in theory someone could reverse these and get plaintext passwords and salts or whatever is in them.

    This is one reason you don't send password hashes over the network...

  • LinkedIn also takes contact information from your Gmail account: http://privacylog.blogspot.com/2008/12/privacy-fail-linkedin-steals-private.html [blogspot.com]

  • i think a sane password policy would be

    1 between 6 and 16 characters
    2 case sensitive (but don't actually REQUIRE mixed case)
    3 allow the full Latin-1 character set (with a limited number of excluded characters)
    4 no dictionary words
    5 encourage but don't require numbers and symbols
    6 no reusing passwords
    7 limit password changes to N a month (with further changes being done at the IT office).

    but all these multi clause policies reduce the number of possible passwords (could somebody run the math on my suggestion

    • by Sabriel (134364)

      re 1, if users want a long (>16) passphrase, this is a good thing
      re 4, I refer you to https://xkcd.com/936/ [xkcd.com]
      ditch 6+7
      add:
      * client-side entropy check to reject cryptographically weak passwords
      * server-side sanity check including (but not limited to) a quick dictionary+rainbow test
      * option of pairing a CSPRNG authenticator (via mobile app or dedicated device)
      * system's security has been vetted by people who actually know what the hell they're doing :)

  • Link me out

    { Actual quote: Include me out }

  • by Wrath0fb0b (302444) on Wednesday June 06, 2012 @10:07AM (#40232631)

    In cases like these, I feel like whoever is in charge of security over there needs to be held responsible for not following best practices and salting the damn password hashes. This has been security standard since PKCS #5 v2.0 [wikipedia.org] -- and you know security professionals don't publish these standards just for their own health. And this is not a new fangled thing, it was finalized in 2000 [ietf.org] 12 years ago.

    Failure to do so is malpractice ...

  • Hashes list link (Score:5, Informative)

    by xded (1046894) on Wednesday June 06, 2012 @10:08AM (#40232643)

    http://www.mediafire.com/?n307hutksjstow3

    When checking for your password, check both for its SHA-1 hash and for the SHA-1 hash with the first five chars zeroed. Quoting [ycombinator.com]:

    Some observations on this file:

    0. This is a file of SHA1 hashes of short strings (i.e. passwords).

    1. There are 3,521,180 hashes that begin with 00000. I believe that these represent hashes that the hackers have already broken and they have marked them with 00000 to indicate that fact.

    Evidence for this is that the SHA1 hash of 'password' does not appear in the list, but the same hash with the first five characters set to 0 is.

    5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8 is not present
    000001e4c9b93f3f0682250b6cf8331b7ee68fd8 is present

    Same story for 'secret':

    e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4 is not present
    00000a1ba31ecd1ae84f75caaa474f3a663f05f4 is present

    And for 'linkedin':

    7728240c80b6bfd450849405e8500d6d207783b6 is not present
    0000040c80b6bfd450849405e8500d6d207783b6 is present

    2. There are 2,936,840 hashes that do not start with 00000 that can be attacked with JtR.

    3. The implication of #1 is that if checking for your password and you have a simple password then you need to check for the truncated hash.

    4. This may well actually be from LinkedIn. Using the partial hashes (above) I find the hashes for passwords linkedin, LinkedIn, L1nked1n, l1nked1n, L1nk3d1n, l1nk3d1n, linkedinsecret, linkedinpassword, ...

    5. The file does not contain duplicates. LinkedIn claims a user base of 161m. This file contains 6.4m unique password hashes. That's 25 users per hash. Given the large amount of password reuse and poor password choices it is not improbable that this is the complete password file. Evidence against that thesis is that password of one person that I've asked is not in the list.

    • by _0xd0ad (1974778)

      Thanks for that info.

      I checked the tail end of the SHA-1 hash of my LinkedIn password; it wasn't in the list, neither zeroed or in full. I'd already signed into LinkedIn and changed it, so it's moot, but yeah, my password wasn't in the dump.

      • by _0xd0ad (1974778)

        Also, forgot to mention, isn't the implication of some cracked / some non cracked that whoever originally got their hands on the data only has the hashes, not the full passwords?

        Of course, it's also possible that some scavenger started cracking the SHA-1 hashes in a file that someone else released...

    • by AlXtreme (223728)

      My hash was on the list, in full. It was an old password, but a non-trivial long combination of (upper & lowercase) characters & numbers. Ouch!

    • by DynamoJoe (879038)
      Great post. I was able to find my own hash without the 00000. I wasn't able to find common passwords until I swapped out the first five chars for 00000 and now they're all over the place.
    • by aembleton (324527)
      Is there any reason why this passwords weren't salted?
      • I don't know if you're expecting LinkedIn to comment, which I seriously doubt they will, but probably the same reason security shortcuts get taken everywhere. Laziness. Schedule pressure. Ignorance. Stubbornness. ("Damn SecurityGuy is always trying to make me more work! He's just paranoid. Nobody cracks SHA1!")

        That's not an exhaustive list, obviously.

    • by tlhIngan (30335)

      Looking at the list, I noticed the last 8 characeters didn't appear to be as random as they appear...

      E.g., take your password hash and look above and below it...

      00000b3e292bbeed2d64d87eb1eb8aa2 7ee68c81
      000001e4c9b93f3f0682250b6cf8331b 7ee68fd8
      9c56af71aac0f64999c2a4ec3dc8a756 7ee68ffc

      you'll notice the last 8 characetrs seem to be lacking in entropy - 7ee6xxxx

      This is true throughout the file - it looks to be a 32-bit counter of something, increasing in some fashion.

      • by xded (1046894)
        That's because the passwords are usually shorter than the hash itself. I haven't looked into the details, but I assume they sorted the hashes this way to group similar length passwords together.
    • If you're on a *nix system like Mac or Linux, you can check against the file (after downloading and unraring) with:

      echo Type password and hit enter;stty -echo; read p; echo -n "$p" |shasum |cut -c6-40 |sed 's/$/$/' |grep -f- SHA1.txt; unset p; stty echo

      If there is output, your password is probably exposed.

      You can verify this methodology with any of the common passwords (like "password" sans quotes). Note that this isn't perfect; if it has a hit, it might have overlapped on the first five characters.

  • Just how many nails does this here cloud's coffin take ?

    Legally mandated opening EULA clause:

    "Your data is no longer private....".

  • by Jadeinfosy (960509) on Wednesday June 06, 2012 @10:21AM (#40232837)
    I changed my LinkedIn password a while back (about a month ago or so) my old password shows up in the Hash not my new password.
  • Hash file here (Score:3, Informative)

    by lixns21 (1887442) on Wednesday June 06, 2012 @10:32AM (#40233051)
    The hash file here. I could find my password in there (after changing it). Who uses unsalted hashes? Is it 1991? https://mail.yandex.ru/disk/public/?hash=pCAcIfV7wxXCL/YPhObEEH5u5PKPlp+muGtgOEptAS4= [yandex.ru]
  • Please tell me if this sounds right. Hackers have your password (and probably your username). They can get into this site and any others on which you use the same password and (even similar) username. They have all your Linked-in info, therefore finding your FB username, for example, is probably pretty easy.

    So, you can:
    1) Change your Linked-in password. The security hole may not be fixed yet so you may just be handing them your newer password. Do it anyway with a throwaway password you use just for
    • by SecurityGuy (217807) on Wednesday June 06, 2012 @12:32PM (#40234809)

      You already know the answer. You just don't like it.

      You say that using a different password for every site is not practical. Is it less practical than having to deal with Site A getting hacked and your bank account being emptied? For me, I'm perfectly willing to deal with the hassle of separate passwords.

      What I'd suggest is that your "strong" category should all have distinct, strong passwords. I'm fond of 16+ random characters including numbers, caps, specials, etc. It's crazy to trust Amazon and eBay, both giant companies which big targets on their back filled with employees who may or may not be honest, with your bank password. Write 'em down if you have to. You can keep them in your wallet with no note about what they are or usernames, encrypted on your phone, whatever. If that's not good enough, lock them in a safe at home.

      I do agree with having a throwaway class of password. I will reuse passwords across sites if they're sites I really don't care about. I don't really have a medium. If having it compromised would be bothersome, it gets its own password.

    • Try Keepass (keepass.info). It's an excellent, free password manager. There are others as well (LastPass is one that comes to mind). No excuses for not having a different password for each site you visit. As far as LinkedIn goes, changing the password is about all you need to do. You might want to monitor it for the next few days for any suspicious behavior. Evidently the password leak was via iOS so if you're not logging in with an iPhone or iPad then you're probably not affected. Does't hurt to change you
  • What's with all the LinkedIn bashing? I have been using it for years and have never gotten any spam from them. It's a great resource and has gotten me more than one job.
  • by Anonymous Coward on Wednesday June 06, 2012 @01:55PM (#40235881)

    Wow, the LinkedIn hacking looks a lot worse as the hours roll by. There is no indication that the security breach has been fixed yet, so logging into LinkedIn to change your password might be futile - the hackers might still be in there and now they've got your new password too.

    But thats not the worst, no not by a long shot. The 6.5 million password hashes that were uploaded to the Russian hacker forum are unique - i.e. any duplicate hashes are filtered out. Assuming some users pick the same "easy" passwords, it means the 6.5 million passwords could easily be a very significant chunk of the LinkedIn user base.

    And lets take that a step further - until we know any better, we have to assume that the group who hacked LinkedIn and stole those passwords got away with at least your LinkedIn username too. Which is your email address. You didn't use the same password for your email account as you did for your LinkedIn account did you? Oh wait you did.. Better go change your email password too. This list of email addresses alone is very valuable to the dark side of the internet as it's a huge list of confirmed, valid emails addresses.

    Its never great to be the bearer of bad news, but what was that - yes, that was it. LinkedIn also allows you to link your profile to your social media accounts - Facebook, Twitter, your private blog, etc etc. If you used the same email address and password to log into those accounts as you did for LinkedIn, you better get moving quick to change all of those passwords too (please, please use a different password for each site this time!) as at this point we have to assume the worst and that the hackers got the details about your linked profiles too.

    For some users, your credit card information may have been stored too so you could "upgrade" your LinkedIn account. Oh and your profile probably has your address on it.

    Finally, this opens up LinkedIn users to massive identity theft - generally LinkedIn users have uploaded their full CVs. That might even include your birthday and for married people your maiden name. It could easily show your first high school, where you went to college, the name of your first employer, etc etc. What are all those sort of details used for? Accessing your bank account, resetting passwords via security questions, you know, proving your identity online. Ouch.

    This hack has potential to be bad. Really really bad. And until we know the size of the breach we have no idea how far reaching it could ultimately end up.

Work without a vision is slavery, Vision without work is a pipe dream, But vision with work is the hope of the world.

Working...