LinkedIn was hacked four years ago, and what initially seemed to be a theft of 6.5 million passwords has actually turned out to be a breach of 117 million passwords.
On Wednesday, the professional social network company acknowledged that a massive batch of login credentials is being sold on the black market by hackers.
The advice for everyone who uses LinkedIn (Tech30) at this point is: Change your password and add something called two-factor authentication, which requires a text message every time you sign in from a new computer.
LinkedIn said it’s reaching out to individual members affected by the breach. This particular hack affects a quarter of the company’s 433 million members.
Hackers are selling the stolen LinkedIn database on a black market online called “The Real Deal,” according to tech news site Motherboard.
For its part, LinkedIn offered the same, go-to statement used by every company after a data breach.
“We take the safety and security of our members’ accounts seriously,” wrote Cory Scott, the company’s chief information security officer.