The Connecticut Better Business Bureau is urging users of the social media platform LinkedIn to change their passwords right away, after the company acknowledged stolen passwords are now being sold on the black market.
When its database was compromised four years ago, LinkedIn said hackers stole 6.5 million passwords. The social network site now says 117 million passwords were stolen and that it is contacting users directly by email recommending they log in and change their passwords.
LinkedIn addressed the data theft in its blog and urged users to change their passwords on a regular basis. Unfortunately, people who use the same password for multiple sites are at substantial risk of becoming a victim of fraud. Hackers use stolen information to try and access victims' email, financial accounts and popular sites that rely on an email and password combination.
Security experts are calling on consumers to adopt a safer login system called "multi-step" authentication. A growing number of websites have adopted this technology, but users must first activate the feature to use it.
Multi-step authentication requires a login, password and security code sent to your telephone or text, or generated by a smart device application. This additional authentication greatly increases security by blocking anyone from logging in to your accounts unless they have your smart device.
A growing number of sites have adopted this technology but it is optional, and users must activate the feature manually.
In the aftermath of LinkedIn's revelations, be suspicious of any email that appears to come from LinkedIn, but asks for personal information or instructs you to click on a link or open an attachment.