1011+ breaches tracked — check free
EmaiLeaked
travel_explore Email checker lock Password checker database Recent breaches menu_book Data breach guide article Blog group About
search Check my email now
Privacy Terms Contact Editorial standards Disclaimer

LinkedIn

High

In 2012, LinkedIn experienced a data breach that was initially reported as 6.5 million exposed passwords. Four years later, in 2016, a database containing 164 million email and password combinations from the same incident appeared for sale online. The passwords had been protected only with an unsalted SHA-1 hash — a method that security researchers cracked within days of the data surfacing.

164.6M
Records exposed
2012
Year
2
Data types
Free
To check
Check if you were affected — free

Quick answer — was LinkedIn breached?

Yes. LinkedIn was breached in May 2012, exposing 164,611,595 records including email addresses, passwords. This breach has been independently verified. If your email was involved, your data may still be at risk today. Check if you were affected.

What happened in the LinkedIn data breach?

In 2012, LinkedIn experienced a data breach that was initially reported as 6.5 million exposed passwords. Four years later, in 2016, a database containing 164 million email and password combinations from the same incident appeared for sale online. The passwords had been protected only with an unsalted SHA-1 hash — a method that security researchers cracked within days of the data surfacing.

LinkedIn users frequently share professional contact details across multiple services, making the exposed email addresses a reliable starting point for targeted business-focused phishing campaigns. The cracked password hashes gave attackers direct account access, and credential stuffing attacks using these combinations continued for years after the initial disclosure.

The LinkedIn breach is widely cited as a textbook example of why password hashing must include a random salt — without one, identical passwords produce identical hashes, letting attackers crack thousands of accounts at once by recognising repeated patterns. Learn more about what a data breach means for you.

Why was the LinkedIn breach so dangerous?

LinkedIn users frequently share professional contact details across multiple services, making the exposed email addresses a reliable starting point for targeted business-focused phishing campaigns. The cracked password hashes gave attackers direct account access, and credential stuffing attacks using these combinations continued for years after the initial disclosure.

Don't wait to find out — check if your email was exposed in this breach.

What data was stolen in the LinkedIn breach?

Email addresses Passwords

Email addresses — used for phishing attacks and credential stuffing against your other accounts

Passwords — can be used to access your accounts directly or cracked to reveal your actual password

Timeline of the LinkedIn breach

June 6, 2012

LinkedIn publicly acknowledges a breach; initially reports approximately 6.5 million hashed passwords posted to a Russian security forum

June 2012

Security researchers confirm passwords were hashed with SHA-1 without a salt; the majority are cracked within days using freely available tools

May 2016

A database containing 164 million email addresses and password hashes from the 2012 breach appears for sale on a dark web marketplace

May 2016

LinkedIn confirms the full scope and forces immediate password resets for all accounts with credentials not updated since 2012

Is the LinkedIn breach still dangerous in 2026?

Yes. Stolen data from the LinkedIn breach remains dangerous years after the incident. Attackers routinely compile data from multiple breaches to build complete profiles, and credentials from 2012 are still actively used in automated attacks today.

Personal information like email addresses, phone numbers, and dates of birth does not expire. Even if you changed your LinkedIn password, the other exposed data can be combined with information from other breaches to target you. Learn how long stolen data stays dangerous.

What to do if your email was in the LinkedIn breach

1

Change your LinkedIn password immediately

Log into LinkedIn and change your password to something strong and unique — one you have never used anywhere else.

2

Change any account sharing that password

If you reused this password elsewhere, change it on every affected account. Attackers test stolen credentials against hundreds of popular sites within hours.

3

Enable two-factor authentication

Turn on 2FA on LinkedIn and every important account. Even if your password is known, attackers cannot access the account without the second factor.

4

Check your other accounts for this breach

Run a full email scan to see every breach your address appears in — not just this one.

Check all my breaches — free

Frequently asked about the LinkedIn breach

What happened in the LinkedIn data breach?
In June 2012, attackers accessed LinkedIn's password database and exfiltrated email and password combinations for millions of accounts. LinkedIn initially believed only 6.5 million passwords were affected. When the data re-emerged in 2016, the true figure was confirmed at 164 million email–password pairs.
Were LinkedIn passwords really cracked?
Yes. LinkedIn stored passwords using SHA-1 hashing without a salt — meaning identical passwords always produced identical hash values. Security researchers cracked the vast majority of the exposed hashes within days by comparing them against precomputed lists of common passwords, a technique that salting would have blocked entirely.
Why did it take four years to learn the full scope of the breach?
In 2012, LinkedIn believed its exposure was limited. The full database was apparently held privately for years before appearing for sale on criminal markets in 2016. This is a documented pattern: stolen credential databases are often traded or held for years before surfacing publicly.
How is this different from later LinkedIn data scraping incidents?
The 2012 breach was a direct database compromise — attackers stole actual passwords from LinkedIn's systems. Later incidents (2021 and 2023) involved scraping publicly visible profile data via LinkedIn's API. The 2012 breach is more severe in terms of credential security; the scraping incidents are more severe in terms of scale and de-anonymisation risk.

How this breach page is reviewed

Breach pages are built from structured breach records and reviewed for practical risk guidance by EmailLeaked. Risk labels reflect exposed data types and are intended to help readers prioritise action.

Was your email in this breach?

Check if your email appeared in the LinkedIn breach and 1010+ other known breaches — free, instant, no signup.

Check my email — free

No signup · Under 2 seconds · Never stored

Was my email hacked?

Check if your email is compromised in seconds. Free, private, no signup. Scan millions of breach records across 1011+ known breaches.

Check my email now — it's free

No signup required · Results in under 5 seconds · Your data is never stored