Members of the world's biggest professional networking site LinkedIn have woken up to frightening news. A Russian hacker has stolen about 6.4 million passwords and reportedly displayed his booty (without showing the user names.)

The fact that a personal blog post of one Ms Samantha Murphy on “how to check if your LinkedIn password was stolen” was shared by 1,200 LinkedIn users and 2,600 Twitter users in a few hours of the report shows how worried the users are.

LinkedIn quickly responded and admitted that some of the passwords were compromised. “We are continuing to investigate this situation. Members whose accounts were compromised will notice that their passwords are no longer valid. They will receive an e-mail from us with instructions on how to reset their passwords,” Mr Vicente Silveira, Director at LinkedIn, has said in the site's official blog.

“There will not be any links in this e-mail. Once you follow this step and request password assistance, then you will receive an e-mail from LinkedIn with a password reset link. We sincerely apologise for the inconvenience this has caused our members,” he said.

He, however, insisted that the firm was still unable to confirm that any security breach has occurred.

Protect passwords

McAfee asked the users to login into LinkedIn via a new browser window and not to access it through an e-mail. It also wanted the users to change passwords using a unique, complex pass-phrase immediately.

“It's a good idea to make it a monthly habit of updating your password. It's time to change the passwords to all other accounts that require authentication, especially if you use the same password,” it said.

> kurmanath@thehindu.co.in