14 DAY TRIAL // LinkedIn has taken the preventive step of resetting passwords on accounts that shared email addresses with the ones compromised at Gawker Media a few days ago.
The decision comes after the high-profile compromise, which resulted in a database of 1.3 million accounts being leaked, was directly linked to a mass spam attack on Twitter.
LinkedIn compared the emails in the leaked database with accounts on its own website and began forcing a password reset for them. The social network for professionals then sent out an email to affected users that read:
"We recently sent you a message stating that your LinkedIn password had been disabled for security reasons. (Note: If you have more than one email registered with us, you will receive more than one password reset message. You only need to act on one of them.)
This was in response to a security breach on a different site, Gawker.com, where a number of usernames and passwords were exposed. We want to make sure those leaked emails and passwords were not being used to attack any LinkedIn members.
There is no indication that your LinkedIn account has been affected, but since it shares an email with the compromised Gawker accounts, we decided to ensure its safety by asking you to reset its password."
Some security-conscious users who are not in the habit of using the same password across different websites were not happy with this proactive measure.
However, the sad truth is that, despite the countless awareness campaigns and warnings issued by security researchers against password reuse, a large amount of people still do it.
Not only that, but as an analysis of the Gawker database has shown, many of them even use very weak access codes that are on the default wordlists of most password cracking programs.
The Gawker Media breach was reveled last weekend, when a wealth of confidential information including the company's source code, internal chat logs and emails and, of course, the aforementioned user database, were leaked onto the Internet.