The story that LinkedIn was hacked broke yesterday, but how does it affect you?

Yesterday, Motherboard broke the story that LinkedIn was hacked. However, it turns out that it was actually four years ago, so why is it news today? More to the point, should you run out and change your password? Turns out, maybe, maybe not.

In 2012, there was a report of a small leak of passwords from LinkedIn, (“only” 6.5 million). LinkedIn confirmed this and had those people set their passwords. At that time, however, many, including yours truly, advised people to change their passwords even if not notified and to not wait.

Well, it turns out that the advice was right. In reality, the password breach is about 117 million! The reason anyone found out about it is because those credentials were found for sale on the dark web.

So, in reality, if you changed your password back in 2012, you are good (assuming, of course, that no subsequent breaches have occurred). In that case, you could just wait for LinkedIn to notify you and go and change your password then. However, if you did not change your password then, do not wait to be notified, Just change it. Better to change it twice than get hacked.

And, if you never get notified, four years is a long time. You are past due to change your password. Go and change it anyhow. Another word to the wise.