Additionally, it seems that LinkedIn did not use a technique called “Salt” on its password encryption. This would consist in adding a random string to the password before encrypting it, thus making any reverse-engineering of the encryption much harder as it is not possible for hackers to compare results obtained with different passwords decryption attempts.
Finally, it’s clear that if hackers have been able to access the encrypted passwords, they may also have obtained your email and other information that can be used subsequently to send scams, fake password reset attempts etc… In the end, we won’t know the full extent of the breach, so if you use Linkedin, it would be safer to update/change your password as soon as possible. Then be careful for suspicious emails seemingly coming from LinkedIn.
If you are using the same password on other sites, you may consider the fact that changing your password on LinkedIn only will not protect other sites. They would all need to be changed. And that holds true if you’re an eHarmony customer as well, as they got hacked too. Good luck. [Dagensit (Norwegian) via Informationweek]