Password Whack-a-mole

Susanto Irwan
Jun 2, 2016

Animation by EJ Hassenfratz

As you have probably heard, more than 160 million LinkedIn password hashes are available for sale on the darknet.

For 5 bitcoins (roughly $2,200), anyone could purchase the entire package and try to recover the passwords behind the hashes.

Since salts were not used, a dictionary attack is quite trivial. In less than 1 week, the passwords could be made available in plaintext.

As a LinkedIn user, it is probably wise to change your LinkedIn password. Will that be enough?
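Why the missing salt matters, shown as an added example (not code from the original post): a password audit over constructed accounts, counting the hash computations needed against unsalted and salted storage. SHA-1, PBKDF2, the iteration count and all names and sample values are assumptions; the post does not name the algorithm.

```python
import hashlib
import os

# Constructed sample data: accounts and a tiny wordlist (not from any real breach).
USERS = {"alice": "linkedin1", "bob": "linkedin1", "carol": "sunshine", "dave": "T7#qv!9zLw"}
WORDLIST = ["123456", "password", "linkedin1", "sunshine", "qwerty"]
ITERATIONS = 10_000  # assumption: kept low so the demo runs quickly


def store_unsalted(users):
    """Weak scheme: one fast hash, no salt (SHA-1 is an assumption here)."""
    return {u: hashlib.sha1(p.encode()).hexdigest() for u, p in users.items()}


def store_salted(users):
    """Hardened scheme: random per-user salt plus a slow KDF (PBKDF2)."""
    table = {}
    for user, pw in users.items():
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, ITERATIONS)
        table[user] = (salt, digest)
    return table


def audit_unsalted(table, wordlist):
    """One hash per word is compared against every account at once."""
    exposed, hash_ops = set(), 0
    for word in wordlist:
        hash_ops += 1
        digest = hashlib.sha1(word.encode()).hexdigest()
        exposed.update(u for u, d in table.items() if d == digest)
    return exposed, hash_ops


def audit_salted(table, wordlist):
    """The salt forces a separate slow computation per (account, word) pair."""
    exposed, hash_ops = set(), 0
    for user, (salt, digest) in table.items():
        for word in wordlist:
            hash_ops += 1
            if hashlib.pbkdf2_hmac("sha256", word.encode(), salt, ITERATIONS) == digest:
                exposed.add(user)
                break
    return exposed, hash_ops


if __name__ == "__main__":
    print(audit_unsalted(store_unsalted(USERS), WORDLIST))
    print(audit_salted(store_salted(USERS), WORDLIST))
```

Both audits flag the same three accounts, so salting does not rescue a weak password; it removes the shortcut of checking one guess against every account at once, and the slow KDF makes each remaining guess expensive.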

Not really!

Are you using the same username and password on other websites?

The hackers could execute a credential stuffing attack. What is it? It is an attack that automatically tests the list of stolen credentials across multiple websites.

Here is a great video by Nwokedi C. Idika, explaining what a credential stuffing attack is.

As long as you are not re-using your LinkedIn credentials elsewhere, you are good to go. Otherwise, I would recommend that you change your passwords on other websites too!
