Overview
500 Million LinkedIn Users Data Being Sold Online: Just days after the Facebook data leakage incident, personal data for more than 500 million LinkedIn users have been posted for sale online. The breached data includes LinkeIn IDs, names, titles, email addresses, phones and other personally identifiable information (PII) from the users’ public profiles.
Content of the Data on Sale
According to the report by CyberNews, hackers posted an archive containing LinkeIn IDs, names, genders, titles, email addresses, phones and links to other social media profiles for 2 million records as a proof of the data breach. The leaked data appears to be represented in key value pairs in CSV (Comma Separated Values) format. The hacker currently requests about $2 for viewing the samples of the leaked data and at least a four-digit-sum payment in return for disclosing the whole set of the breached data.
Currently, the authenticity of the breached data has not been denied. However, LinkedIn claims that the data appears to be aggregated from a number of websites, including the LinkedIn pages, via scraping publicly available information. The company also announced that “Any misuse of our members’ data, such as scraping, violates LinkedIn terms of service. When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable.”
I’ve come to the conclusion that if you give a data point to a company, they will eventually sell it, leak it, lose it or get hacked and relieved of it. There really don’t seem to be any exceptions, and it gets depressing.
Brian Krebs
Read more educational and inspirational cyber quotes at our page 100+ Best Cyber Security & Hacker Quotes.
What Users Should Do About the Breach?
Whether be stolen or scraped, it is highly likely that 500 million users’ data is in the hands of hackers for sale and evidently two million of those records have been released already. Although the leaked data may not contain sensitive information like credit card information, other interested malicious third parties may use such information for conducting social engineering attacks like phishing or spear phishing attacks or for spamming the released emails and phone numbers.
To stay on the safe side, we suggest LinkedIn users to change their LinkedIn passwords and beware of suspicious emails, LinkedIn messages and phone calls.
You could also read our popular articles What is a Security Vulnerability? or What is Vulnerability Scanning?
