2nd most common password on LinkedIn is ‘linkedin’

Data stolen from LinkedIn in a data breach back in 2012 has surfaced online. A criminal hacker is now selling the data for 5BTC (roughly $2200).

Around the time of the breach in 2012, roughly 6.5 million encrypted passwords were posted online, but it appears that much more data was stolen (117 million email addresses and passwords).

LeakedSource, a search engine that’s got a copy of the data, spoke to Motherboard about the data: “It is only coming to the surface now. People may not have taken it very seriously back then as it was not spread […] To my knowledge the database was kept within a small group of Russians.”

Passwords broken in 72 hours

Leakedsource.com, a site holding the data told Motherboard that they had cracked “90% of the passwords in 72 hours”. Troy Hunt, the well-respected owner of the ever-useful site haveibeenpwned.com, got in touch with a few victims of the data breach, who confirmed the passwords Troy had were the passwords they’d been using at the time of the breach.

Weak passwords – 20 most popular passwords from breach

The passwords that were cracked have been listed on leakedsource.com, and it’s not surprising how weak some of these are:

Rank Password Frequency
1 123456 753,305
2 linkedin 172,523
3 password 144,458
4 123456789 94,314
5 12345678 63,769
6 111111 57,210
7 1234567 49,652
8 sunshine 39,118
9 qwerty 37,538
10 654321 33,854
11 000000 32,490
12 password1 30,981
13 abc123 30,398
14 charlie 28,049
15 linked 25,334
16 maggie 23,892
17 michael 23,075
18 666666 22,888
19 princess 22,122
20 123123 21,826

They could have at least correctly capitalised ‘linkedin’.

Trends and traits of data breaches

Managing Information Security Breaches - Studies from real life, 2nd EditionTo help you understand the trends and traits of data breaches, what they are, how and why they occur, and what you can do to avoid suffering a similar fate, take a look at our book of the month: Managing Information Security Breaches – Studies from real life by Michael Krausz.

This thought-provoking guide details how breaches can be treated and the direction you should take if you’ve been affected.

Buy your copy now.

More to come

The story of this data will continue to develop over the next few days. For now, I recommend signing up to our Daily Sentinel to ensure you don’t miss out on any updates.

Share now…

Share on Twitter Share on Facebook Share on LinkedIn

One Response

  1. Andrew Evans 20th May 2016