Since I have an active LinkedIn account, the recent LinkedIn security breach became a personal issue for me, and I decided to investigate it myself in order to find out whether my account could have been compromised.
I downloaded the file which -- according to an article published on a Russian security news site -- is claimed to contain stolen LinkedIn passwords, and searched it for my LinkedIn password (the old one, of course - I changed it as soon as the first information about the breach was posted yesterday), but I could not find it. Here is an explanation of what I did.
First of all, the structure of the password file is weird: it contains 160-bit (20 bytes = 40 ASCII hex chars) entries separated by dots (0A), but some entries apparently contain 5 leading zeros (i.e. they contain only 140 bits of information). Since there is no hash function that produces 140 bits, I tried hashing with SHA1 (which produces 160 bits) and just removing the 5 leading chars from the resulting ASCII hex string. As I said, my password still was not found, so I tried hashing some of the most commonly used password dictionary entries -- such as "password" and "abcd1234" -- and I did find (using WinHex - the file size is 245MB) matching entries for both of them in the file, which means that the file apparently does contain more than 6 million hashed passwords (some of them left-padded with 5 zeros, though).
However, my findings still do not prove that these passwords are related to LinkedIn. They do not even demonstrate that this file contains any real passwords: it could be a rainbow table. But I still recommend that you change your LinkedIn account password. Just in case.
Here is an example of a hashed password from the "LinkedIn password file":
"LinkedIn password file" entry: [1e4c9b93f3f0682250b6cf8331b7ee68fd8]
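The lookup described above can be scripted rather than done by hand in a hex editor. The following is an added example, not code from the original post: it hashes a password with SHA1, derives both the full 40-character entry and the form with the 5 leading characters replaced by zeros, and scans a file once for either. The function names and the sample data are constructed for illustration, and the one-entry-per-line layout is an assumption.

```python
import hashlib
import io

MASK_LEN = 5  # number of leading hex chars that appear as zeros in some entries


def sha1_hex(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def entry_forms(password: str) -> dict:
    """Return both 40-char forms the password could take in the file."""
    full = sha1_hex(password)
    return {"full": full, "masked": "0" * MASK_LEN + full[MASK_LEN:]}


def find_in_dump(password: str, lines) -> list:
    """Stream the file once; return (line_number, form) for every match."""
    wanted = {value: name for name, value in entry_forms(password).items()}
    hits = []
    for number, line in enumerate(lines, start=1):
        entry = line.strip().lower()
        if len(entry) != 40:
            continue  # skip blank or malformed lines instead of matching on them
        if entry in wanted:
            hits.append((number, wanted[entry]))
    return hits


def build_sample_dump() -> io.StringIO:
    """Constructed sample: one masked entry, one full entry, one filler."""
    rows = [
        entry_forms("password")["masked"],
        entry_forms("abcd1234")["full"],
        entry_forms("constructed-filler")["full"],
    ]
    return io.StringIO("\n".join(rows) + "\n")


if __name__ == "__main__":
    # With a real file, pass open(path) instead of the constructed sample and
    # read the password with getpass.getpass() so it stays out of shell history.
    for candidate in ("password", "abcd1234", "not-in-sample"):
        print(candidate, find_in_dump(candidate, build_sample_dump()))
```

Because the file is read line by line, the 245MB size is not a problem, and a hit reported as "masked" means only the trailing 35 hex characters (140 bits) were compared.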