117 Million LinkedIn User Credentials up for Sale

A hacker who goes by the moniker “Peace” is trying to sell LinkedIn account information of some 117 million users, including emails and passwords, on an illegal dark web marketplace.

Motherboard has revealed that the emails and passwords of 117 million LinkedIn users are now up for sale, after breach which occurred in 2012. At the time, LinkedIn did not clarify how many users were a part of the breach and only 6.5 million encrypted passwords were posted on the internet.

However, a hacker named “Peace” has told the publication that the data trove of over 100 million LinkedIn user credentials are being sold on an illegal marketplace called “The Real Deal.” The asking price? 5 bitcoins, or about $2,200 in current exchange rates.

Related article: The Rise of LinkedIn Fraud (And How to Avoid Being a Victim)

Paid hacked data search engine LeakedSource is also claiming to have obtained the data, as well. An administrator at LeakedSource and the hacker known as Peace have both revealed the actual total of the hacked LinkedIn database, a staggering 167 million accounts. Among the entire lot, nearly 117 million accounts have both emails and encrypted passwords.

Speaking to Motherboard, a person from LeakedSource stated:

It is only coming to the surface now. People may not have taken it seriously back then as it was not spread. To my knowledge, the database was kept within a small group of Russians.

To back up the claim, LeakedSource even provided the publication with a sample of nearly one million credentials. This batch contained email addresses, hashed passwords and the subsequent hacked passwords.

LinkedIn confirmed the leak in a blog post soon after. It read:

Yesterday, we became aware of an additional set of data that had just been released that claims to be email and hashed password combinations of more than 100 million LinkedIn members from that same theft in 2012.

We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords.

Image credit: Flickr.