Today, 6.5million LinkedIn password hashes leaked. These hashes are unsalted SHA-1 hashes and can be found online. If you happen to have the file lingering around, use grep "yourhash" combo_not.txt to check your hash is in it. Also check with the hash in which you replaced the first 5 characters by 00000.
If you’re not savvy enough, or don’t have the list, you can use LeakedIn
My old LinkedIn password was in the list (I changed it about a month ago). Best is to change it now, and change it again after LinkedIn has fixed the hole. Also, it’s — again — yet another reason to use different passwords for each site on the internet.
At the Microsoft TechDays 2012 in Belgium, white hat Paula Januszkiewicz shows how the tool Fiddler can be used to intercept the password of a LinkedIn user. The reason is because the password is not being encrypted by LinkedIn, although https is being used.
Not that wow imho, as it’s basically a man in the middle attack using a self-signed (thus forged) certificate (on which the browser will give you a notification). Quite sure lots of sites are “hackable” in this manner.