Personal data of more than 700 million LinkedIn users is up for sale in a hacking forum. These are full names, phone numbers, physical addresses and more, in the case of information that could be used by hackers to carry out various identity theft related attacks.
to me PRIVACY RECOVERY, a website that enhances security and privacy online, this data breach is one of the biggest in LinkedIn history.
The personal information of 500 million profiles was disclosed in April, and now The number has increased to 756 million, Equivalent More than 92% of all social network users.
In order to verify the correctness of the information, The author of the article that exposed the leak posted a sample of one million LinkedIn profiles. The file includes the following data:
- Email messages
- full names
- phone number
- physical addresses
- Geolocation records
- LinkedIn username and profile URL
- Personal and professional experience/background
- Other social media accounts and usernames
Restoreprivacy says that checking data samples with other publicly available information indicates that these are real users. They also added, Although no passwords are revealed, this leak can lead to other security issues, such as identity theft to carry out phishing attacks.
According to the hacker who posted the message on the forum, the data was obtained by exploiting the LinkedIn API. This means that it was possible to use the developer interface to do “data scraping” for users, also known as “Scraping on the Internet”.
After this news, online tools like I’ve been Pwned and database Internet news They can be useful to check if an email or phone number associated with different services in the network has been filtered.
LinkedIn It ensures that no data breach occurs for its users. Below is the company’s official statement.
“While we are still investigating the situation, first analysis indicates that this data includes information obtained from both LinkedIn and other sources. This is not a LinkedIn data breach and our investigation has determined that there is no private data from our members. Extracting data from LinkedIn is Violation of our policies, so we are constantly working to ensure the privacy of our members is protected.”