今早开始有报道称，600多万用户的账户密码被盗，现在该公司已经在其博客上发布了一篇文章，证实了这一安全漏洞——尽管该公司尚未确认有多少账户被泄露。

受影响的用户将收到一封来自LinkedIn的电子邮件，其中包含如何重置密码的说明。这似乎也不是标准的密码重置程序——任何受影响的用户都将自动被锁定在其帐户之外，LinkedIn发送的密码重置电子邮件将不包含任何指向该网站的链接。LinkedIn还将从****部向受影响的会员发送第二封电子邮件，详细说明违规背后的情况。我们不禁觉得，该服务的所有成员都应该知道到底发生了什么——他们把自己的个人资料委托给了LinkedIn，不管自己的密码是否被盗。

LinkedIn博客文章全文如下。

1. Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.

2. These members will also receive an email from LinkedIn with instructi*** on how to reset their passwords. There will not be any links in these emails. For security reas***, you should never change your password on any website by following a link in an email.

3. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.

It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases. We sincerely apologize for the inconvenience this has caused our members. We take the security of our members very seriously, if you haven’t read it already it is worth checking out my earlier blog post today about updating your password other account security best practices.