LinkedIn says it learned about 6.5 million passwords being posted on a hacker site, but then neither confirmed nor denied that number. LinkedIn offered no explanation as to how the passwords had been obtained, how they ended up on a Russian hacker website. Security experts have faulted LinkedIn for using only the SHA-1 hashing algorithm to protect member passwords. LinkedIn’s first priority in the wake of the incident has been to “lock down and protect” the accounts associated with the decoded passwords, CEO Vicente Silveira says.”]
Source: https://www.csoonline.com/article/2131854/linkedin-provides-breach-update—-sort-of.html