Thought the days of massive data leaks are finally behind us? Well, guess you were wrong. Following the recent massive Facebook data leak where data from approximately 500 million Facebook users from 106 countries was posted for free on a hacker forum, it seems that now came Linkedin’s turn. The wildly popular platform, which is mostly used for professional networking and allows its users to post their CVs and even job offers, seems to be the latest victim in another massive data leak.
Personal and professional data was leaked
According to CyberNews researchers, an equally staggering number of 500 million user data which included “a variety of mostly professional information” such as email addresses, phone numbers, and other professional details, has been found for sale on a forum popular with hackers. The seller of the leaked data is asking for a “four-digit $$$$ minimum price” in exchange for full access to the entire database, but also included a sample of 2 million records for $2 worth of forum-specific credits so the users can check that the stolen information is indeed legitimate.
The records are part of a scraped dataset of public information
This was confirmed by CyberNews researchers, however, they did mention that it is “unclear whether the threat actor is selling up-to-date LinkedIn profiles, or if the data has been taken or aggregated from a previous breach suffered by LinkedIn or other companies.” A Linkedin spokesperson confirmed to Insider that the records are part of a scraped dataset of public information:
“We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies,” the statement wrote. “It does include publicly viewable member profile data that appears to have been scraped from LinkedIn. This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.”
There are some good news
Fortunately, the stolen account information does not appear to contain any financial or legal information that could then be used for fraudulent transactions or identity theft. According to its website, Linkedin has “nearly 740 million members in more than 200 countries and territories worldwide” which means that the stolen information comprises around two-thirds of the platform’s user base. This makes the leaked information dangerous as it allows “particularly determined attackers” to combine it “with other data breaches in order to create detailed profiles of their potential victims.”