This past week, I received several emails “from LinkedIn” indicating that someone from Bardstown, Kentucky requested a “reset password” link in the wee hours of the morning. I shared this information on Threads and in our Out Tech Your Kids group on Facebook, and it turns out I’m far from the only one who received this email.
I looked into the source code of the gmail and it didn’t seem to be a phishing scheme — one where someone spoofs an email from an otherwise legitimate sender to get you to share your password or other personal data on to a site that looks legitimate but isn’t.
As for a hack, I have not seen any reports of a LinkedIn data breach since 2012 — and hopefully you’ve changed your passwords a bunch of times since then!
Related: How can I prevent a Facebook hack? Reader Q&A
So what is that LinkedIn password reset email from Kentucky that’s going around?
The biggest clue is that the link verification came to all the emails I have on file with LinkedIn, despite only one of those being my official log-in email. Other users I spoke to had the same experience.
My educated guess is that this is either 1) a late result of a number of massive data breaches that took place in 2021, with millions of names aggregated with publicly available LinkedIn data for sale on the dark web. Or 2) An intrepid hacker with a database of emails trying to log in to all of them — which triggers those helpful confirmation emails from LinkedIn asking whether or not you asked for a password reset.
What can I do about it?
– Always be skeptical of password reset emails. Bravo to LinkedIn for making it abundantly clear that it wasn’t you asking for a password — unless you live in Bardstown, Kentucky and work on .
– If you have even the slightest concern that an email or text might be a phishing attempt, never click on a link provided. Go directly to the app or the website URL yourself. Here are some examples of LinkedIn phishing emails that they’ve provided for reference.
– Change your password — just in case. And MAKE STRONG PASSWORDS USING A GOOD PASSWORD MANAGEMENT APP! I cannot state this enough. (We all love 1Password so much we became an affiliate, after using and recommending the app for years.)php
– Use two-factor authentication wherever you can. That means no one can log into your account from an unrecognized device without also providing a limited-time code texted to you, or one generated by an authenticator app like Google Authenticator or Semantic’s VIP Access. For me, I also use the 1Password app for this functionality so you don’t need separate apps for password management and 2FA.
What about other hacks and data breaches?
One of the other reasons I like 1Password: It has a “Watchtower” (above) that will evaluate the strength of your passwords, and alert you any recent hacks or compromised passwords.
It also lists your weak or reused passwords so it’s very simple to reset them to stronger, unique passwords for each individual login. Note that most good password management apps will have a similar feature, but I like how user-friendly mine is. Check our post on easy tips for making strong passwords.
How can I find out if my other accounts have been hacked or compromised?
There an are number of websites that will tell you if your email or phone number has been scraped and appears in any hacker databases. Just in your email to haveibeenpwned.com — it’s safe. You can also trust sites like haveibeenbreached.com, which owned by the password app Cloaked.
Remember that just because your email appears in a hacker database doesn’t mean it’s associated with a useable password. Like I said, if you’ve updated your LinkedIn password since 2012 you’re probably good — but it can never hurt to change it again.
Good luck out there — and happy continued networking.
Top image: Ilya Pavlov on Unsplash
I received this email as well.. from Bardstown Kentucky. The email address it was sent from was legit as my email server had a verified check mark next to it. When I got the email, I did not click on the “one time sign in” link but at the very bottom where it said “Didn’t do this? Be sure to change your password right away” and I clicked that and realized it sent me a code to my email and when I popped it open to my safari to then access my email the link didn’t work… I got weirded out and worried so immediately closed it out and all tabs.
Did I put myself at risk by clicking that? I hope not but now I’m worried
I then went into my app directly, changed the password and added 2FA.
What’s the point of this mass email from the hacker if it’s legit and from LinkedIn? I guess I’m confused. If you don’t click the one time sign on- then is there any other way they could access the account?
It’s possible that they’re trying to connect an email with an old password (from LinkedIn or otherwise) accessed in a data breach. If the email from LinkedIn is legit – which it seems to be – no risk. They were protecting you! But still a good idea to go directly to the site if you ever have questions.
I suspended my account and, since I did it, LinkedIn sends me emails asking me to log in again. I thought this was a different attempt to make me log in again 🙂
Did you notice anything weird happening after? I did the same today and now i‘m freaked out too.
I found your article searching for this exact issue. I contacted Linkedin today mentioning this problem. It’s terrifying especially to those of us who are unemployed & rely on Linkedin & our network to find jobs.
Thank you for posting this. It gave me some peace of mind to know that I am not the only one facing this.
I have been receiving the exact message from LinkedIn. someone from Bardstown, KY on Chrome. Definitely is not me or anyone I know. I put on two-factor authentication and changed my password. It is unnerving, as I have received 3 of these emails.
thank you for posting this! I’ve received 4 of these emails over the past couple of weeks. I’ve changed my password a couple of times, to one of those random generated ones, so I know someone couldn’t have worked it out. it puzzled me!
Thanks for this. I was wondering what was going on. I’m only getting emails at my old address that isn’t even associated with my account anymore. I changed it almost a year so the data is older than that.
I been getting similar emails from Facebook with subject like this is the code you requested to reset your password. But I haven’t been on Facebook for years. In fact I’m not even sure I still remember my Facebook PW as I think I deactivated it years back. Anyways I’m even afraid to email to check if it’s legit from Facebook. I’m assuming it’s not uncommon but I’m not sure what’s the next step to take if any. These “scares” are annoying as heck.
Lynda – we published an entire piece on how to prevent a Facebook hack, and what to do if it happens. Hope this helps!
i recieved some other Emails too, i’ve been thinking is hotmail hacked?
Thanks for posting this! I came across your article while searching for this exact issue. I received the ‘Bardstown KY’ email at my work email… which was a major red flag! I mainly use LinkedIn for discreet job searching, so I have my account connected to my personal email and definitely NOT my current work email.
My guess is that the hacker is trying to connect an email with an old password accessed in a data breach.
Same guess. That’s what makes most sense.
Same here!!!! Thanks for the info. Glad to see I am not personally being targeted.
I’ve changed my password 3 times in the last 2 weeks on linked in to 24 character, alpha-numeric-symbolic passwords and I continue to get this. There’s no way they’re brute forcing my password this quickly, so there must be something else at play where someone is able to generate a login email like this without the password. How could that be?
This is happening to me too. The hacker is using “forgot password” on your email account so that is why you’re receiving the email. You’re safe as long as you’ve changed your password in the past couple years! It’s scary and annoying though, I know.
I’m glad to see I’m not the only one getting this. I’ve had some Experian alerts as well lately, saying that someone has published my email and password, but fortunately the passwords are incorrect; also some Facebook password reset emails. My best guess is that someone unpleasant has gained possession of a bunch of names and emails and is trying their luck.
After googling I found this page where many people are having the same issue as mine.
I received one one March 17, 2024 with same word “Here is your one-time link that will sign you in instantly.” .. “This link will expire in 15 mins. Please do not forward this email to others to prevent anybody else from signing in with this account.”
Approximate Location: Bardstown, Kentucky, United States
Email looks legitimate. I have changed my password and added two step verification.
I think the “hacker” uses bots to auto spam leaked emails that have a linkedin account in hopes of that someone accidentally clicks their message to verify them to log in. that some click the link. Maybe on their side it is waiting for the acceptance of the button click to let them in.
If you never use one time email login yourself, then a good solution to no see these messages would be to make a rule in your email that for example moves all incoming emails with the title “(Yourname), here is your link to sign in to LinkedIn” to junk or trash.
I’ve received this email at least 8 times now (I started saving them). I changed my password the first time but I don’t see the need to keep changing it. I have a strong, 1Password-generated PW, and I don’t see how constantly changing it will help (unless, of course, another breach happens).
You should be all set, Daniel! You changed it once to be sure and as I suggested, it’s likely a login attempt using an old password.