Login credentials for as many as 117 million LinkedIn accounts have been put up for sale online by someone who is seeking more than $2,200 for the haul, a security researcher said.
The credentials—which include e-mail addresses and passwords hashed using the woefully weak SHA1 function—appear to come from a 2012 breach of the career networking site, researcher Troy Hunt said in a series of tweets. LinkedIn officials have since verified that the 2012 hack was the source and said they are working to invalidate any passwords that may still be actively used on compromised accounts.
