Security researchers have confirmed that a file containing 6.5 million encoded LinkedIn passwords has been posted to a Russian hacker site. LinkedIn has yet to confirm the breach, but it took to its Twitter account Wednesday to tell users it was investigating the matter.
It is unclear whether the file represents the full extent of the breach. Paul Kocher, president of Cryptography Research, a computer security company in San Francisco, said it appeared that LinkedIn’s user credentials had been compromised because it stored log-in information on its main Web servers instead of isolating those files on separate, secure machines whose only function was to verify log-in details.
Read this article and change all your passwords. I see users with insecure passwords ALL the time, and it is shocking. And never use the same password for all your accounts. Bank, credit card, and retail accounts that store your credit card, should never have the same passwords as other sites and they should always be long and complex.