On Wednesday, LinkedIn said that a security breach resulted in over 100 million user passwords being compromised.
Now the company’s taking action. Anyone with a LinkedIn account who hasn’t changed their password since 2012 — when the breach happened — is receiving an email asking them to change their password.
Several Business Insider staffers received an email on Thursday. A LinkedIn spokesperson confirmed the emails are related to the breach and says the investigation is ongoing.
So no, the password reset email you received today from LinkedIn isn’t a phishing attempt by hackers. In fact, the email complies with modern security practices: instead of giving users a link to reset their passwords, instead it urges them to go to Linkedin.com and reset their passwords from there.
In fact, users with older LinkedIn accounts will need to reset their password the next time they log in.
Here’s the email I received: