2012 LinkedIn breach was bigger than we thought

Posted at 2:12 PM, May 19, 2016
and last updated 2016-05-19 14:12:13-04

LinkedIn is resetting a whole bunch of passwords following a 2012 data breach. 

Originally, the business-oriented social network believed the breach impacted 6.5 million users' passwords. But in a blog post Wednesday, LinkedIn revealed that more than 100 million users might have been affected. 

"We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords," the blog post said. "We have no indication that this is as a result of a new security breach." 

A Motherboard interview with the alleged hacker posted early Wednesday seems to be what prompted LinkedIn's response. 

In the interview, the alleged hacker claims to have compiled information on 167 million accounts — including both the email and password for 117 million of them.

LinkedIn's post also encouraged people to use strong passwords and consider two-step verification — using a password and mobile device to gain access to their accounts. 

In reality, if you haven't changed your password since the hack four years ago, you're likely long overdue.  

While there's no clear answer on how often to change your password, it's not a bad idea to change it every few months for accounts that contain sensitive information. 

This video includes images from Getty Images.