Data of 700 million LinkedIn users is being sold on hacker forum - Updated 4th July 2021
A dataset containing information from 700 million LinkedIn users is being auctioned on a well-known hacker forum.
First reported by Privacy Shark on June 27, the dataset contains information such as full names, genders, email addresses, phone numbers and industry information. It was first shared on redforum on June 22nd by user tomliner.
According to LinkedIn, the platform has 756 million users. If profile information is unique within the dataset, it would include more than 92 percent of all LinkedIn users.
Although the amount of information is staggering, calling it a violation may be a bit far-fetched. A LinkedIn spokesperson said in an emailed statement to Privacy Shark that the data has been scraped from several publicly available sources. Although it contains LinkedIn profile information, it is also aggregated from various other channels such as websites and companies.
LinkedIn also assured its users that no personal information, such as passwords and credit card information, is part of the dataset.
If it all sounds the same, it should be. Almost the same happened in April when data from 500 million LinkedIn users was posted on the same forum. The incident prompted an investigation into LinkedIn by Italy's privacy watchdog.
While data scraping seems benign compared to a full-blown breach, it still remains a threat. Hackers can still take advantage of the information to carry out attacks. Common ones include identity theft and phishing scams. Additionally, advertisers are always on the lookout for spam in more inboxes.
LinkedIn also emphasized that data scraping is against the terms of service in the official statement.
The matter is still under investigation. In the meantime, users should change their password just in case.
No comments