Story first appeared in USA Today.
In the latest blow to online confidence, the accounts of some users of business-networking site LinkedIn and dating site eHarmony were compromised after users' encrypted passwords were posted on the Internet.
Many of LinkedIn's 161 million members worldwide, who use the site to form professional connections, were also bombarded Wednesday by e-mail from unfamiliar parties urging them to click on links to verify e-mail addresses. LinkedIn and eHarmony join the list of several major websites, including retailer Zappos.com, that were hacked in recent months.
Wednesday's cyberattack on LinkedIn, which affects as many as 6.5 million users, came on the heels of a discovery that LinkedIn's mobile app on Apple devices tracked users' calendar events and synched them to its server without users' knowledge, a practice that could violate Apple's privacy regulations.
The encrypted password hash codes, which can be deciphered to uncover users' passwords, could give the hacker access to users' accounts once the codes are cracked, according to an IDC tech industry analyst.
Some of the passwords that were compromised correspond to LinkedIn accounts, the company confirmed in a blog post on its site Wednesday. In another post, LinkedIn urged users never change your password by following a link in an e-mail, since those links might be compromised and redirect you to the wrong place. The company also said it would send users of the affected accounts instructions on how to reset their passwords and that these instructions would be devoid of any links.
Late Wednesday, eHarmony said the passwords of a "small fraction" of its users had also been compromised. The site, which says it has more than 20 million registered online users, did not say how many had been affected. But tech news site Ars Technica said it found about 1.5 million passwords leaked online that appeared to be from eHarmony users.
It's unclear who was behind the hacking, but several tech analysts encouraged users to change passwords on the sites and create unique passwords for every social-media account. If you have the same password on multiple accounts, change them right now. If the hackers get one password and all of your passwords are the same, they're going to have access to all your information.
The LinkedIn incident underscores the importance of passing data-protection legislation and that it forecasts a shaky future for online consumerism. How many times is this going to happen before Congress finally wakes up and takes action? More people are becoming antsy about providing their personal information online, and that's not good for the future.