Thursday, July 19, 2018

The LinkedIn data breach from 2012 lives on...

The scam email (below) that I just received this morning is a great reason to use LastPass or any other reputable password safe so you can have a unique password for each and every account. I have somewhere around 800 different online accounts.

The person behind this email is trying to blackmail me. helped me locate which accounts associated with "" username/email have had known hacks with the data sold.

"LinkedIn: In May 2016, LinkedIn had 164 million email addresses and passwords exposed. Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data." (information from )

Thanks to LastPass's password history I traced the old password they included in the subject line to one I used a long time ago with LinkedIn around 2012. Luckily I changed it shortly thereafter to a weird and unique one that LastPass generated.

Now all my passwords are 20-36+ in length and random characters including upper/lowercase, numbers, and special characters.

Stay safe out there. There are a lot of scammers. Please also practice safe-computing to keep your computer free of key loggers and other malware.

---------- Forwarded message ----------
From: Jules Denney
Date: Thu, Jul 19, 2018 at 6:01 AM
Subject: tim - xxxxOldPasswordxxxx
To: ""

Lets get directly to the purpose. Nobody has compensated me to check you. You don't know me and you're most likely thinking why you are getting this mail?

In fact, I placed a software on the X videos (porno) site and guess what, you visited this site to have fun (you know what I mean). While you were viewing videos, your internet browser started working as a Remote Desktop with a key logger which provided me access to your screen and also web cam. Immediately after that, my software program collected your entire contacts from your Messenger, social networks, and e-mailaccount. Next I created a double video. 1st part displays the video you were viewing (you've got a good taste lmao), and next part displays the recording of your webcam, yeah it is you.

There are a pair of solutions. Shall we go through the choices in aspects:

1st choice is to dismiss this message. Consequently, I am going to send your video clip to almost all of your contacts and just consider about the disgrace you will get. Not to mention should you be in a romantic relationship, how it would affect?

Number two alternative should be to give me $3000. We will think of it as a donation. As a result, I most certainly will right away discard your video footage. You could continue your daily life like this never happened and you are never going to hear back again from me.

You'll make the payment through Bitcoin (if you do not know this, search for "how to buy bitcoin" in Google).

BTC Address to send to: 1FPnorw1FMy3sMfuJ3gF3A4BVNTMjU47G8
[case-sensitive so copy and paste it]

Should you are planning on going to the police, anyway, this mail can not be traced back to me. I have dealt with my steps. I am also not attempting to ask you for money a huge amount, I simply prefer to be compensated. You now have one day in order to make the payment. I have a special pixel in this mail, and right now I know that you have read through this email. If I do not get the BitCoins, I will definately send out your video recording to all of your contacts including members of your family, co-workers, etc. Nevertheless, if I do get paid, I will destroy the video immidiately. This is the non-negotiable offer and so do not waste my time & yours by replying to this e-mail. If you need evidence, reply Yes! & I will certainly send your video to your 8 friends.