LinkedIn on Wednesday issued an apology to its members for the security breach.
While the passwords are encrypted, security officials warn that hackers will likely be working to decrypt the stolen passwords, and account users would be smart to change their passwords as soon as possible.
LinkedIn issued a statement saying that any LinkedIn members with an account associated with one of the compromised passwords will receive an e-mail from LinkedIn with instructions on how to reset their password. Members with affected accounts will find that their compromised password will no longer work when they try to log-in.
“It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases,” LinkedIn officials said in a statement on its blog.
LinkedIn also offers tips on its site for how to update your password and how to improve the security on your account.
The security breach follows on the heels of a newly released report that says LinkedIn’s iPhone app is also collecting information from users’ Calendar app entries (including e-mail addresses of people you meet with, meeting subject, location, etc.) and transmitting it back to the company’s servers — often without the users’ knowledge. The company assures LinkedIn members that the information is encrypted and isn’t being shared. LinkedIn IOS app users can turn off the ability to “Add Calendar” in the Settings screen, the company said.