If you have not heard on the news or from LinkedIn, they had a security breach this week. Funny how I am learning about this with my Security+ Training.
SECURITY BREACH
If you have an account, I would suggest changing the password even if you do not get an email (see below) from LinkedIn.
Here is a copy of the transcript sent to me. Once I heard about the issue, I immediately changed my password. It was nice of them to send this, but several days after the fact is a little late. Please note that this is how they formatted it as well with no paragraph breaks - sloppy if you ask me. Yes, you need to get this message out ASAP, but you also need to be professional about it.
"We recently became aware that some LinkedIn passwords were compromised and posted on a hacker website. We immediately launched an investigation and we have reason to believe that your password was included in the post. To the best of our knowledge, no email logins associated with the passwords have been published, nor have we received any verified reports of unauthorized access to any member’s account as a result of this event. While a small subset of the passwords was decoded and published, we do not believe yours was among them. The security of your account is very important to us at LinkedIn. As a precaution, we disabled your password, and advise you to take the following steps to reset it. If you reset your password in the last two days, there is no need for further action. 1. Type www.linkedin.com/settings directly into your browser 2. Type in your email address and press Sign In, no password necessary 3. Follow the on-screen directions to reset your password Note: Do not reuse your old password when creating your new password. If you have been using your old LinkedIn password on other sites, we recommend that you change those passwords too. We appreciate your immediate attention to resetting your password and apologize for the inconvenience. Thank you,
The LinkedIn Team"
Now if you note, they said that if you already changed it, no further action is needed. However, when I signed in, it forced me to reset it once again. Nothing like having to update a password all over again. WTF
Now to add insult to injury, it seems that I am now getting botcalls to my phone. Why is it a botcall, well, once you answer the call, it immediately rings back to a person. The number being used is 8877777888 which is a false number. They are trying to say they are calling on behalf of the government (in a really bad and broken accent) that I have a $7000USD grant available.
Seriously, how dumb are people now a days to fall for this stupid shit - oh wait - several if they are paying people to take these calls.
Thanks LinkedIn for the security breach that is causing more headaches than just password resets.
No comments:
Post a Comment