Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I got an email from them this morning about this, it just smells like all their other junkmail begging me to +1 their active users.

Why don't they invalidate the passwords all at once instead of letting -- someone -- use the potentially compromised passwords again...



Incredible... The email says:

"We've recently noticed a potential risk to your LinkedIn account coming from outside LinkedIn."

That's almost as bad as saying "we take security very seriously" after a hack!


What does that even mean?

How can a risk come from "outside" LinkedIn related to my password? If I haven't leaked my own password, then there should be nothing to fear, and my account should be secure.

Unless of course LINKEDIN ITSELF is compromised, and leaked my password. In that case, the wording about "coming form outside LinkedIn" just smells like BS/spin to me.


gotta spin!


Users that may no longer have access to the email on that account would have a very difficult time regaining access. But overall definitely a better idea than letting a massive number of users get locked out by someone with the hacked credentials


Then what good is sending out the warning via email?


Because the people who do have access to their email are warned.


FWIW, I was forced to reset when I tried to log in (although prior to that one of my active sessions was still working)




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: