Linkedin Data Breach – Exposed Data of 700M Users: A new data breach on LinkedIn has exposed LinkedIn data for over 700 million users. LinkedIn has 756 million users in total. This breach exposed data from more than 92 percent of its users. The data, which was obtained by an unknown hacker, is believed to contain personal details, such as phone numbers and physical addresses.
Geolocation data can also be included. Inferred salaries are also included. LinkedIn reported in April that there was a data breach that affected 500 million subscribers. Personal details such as email addresses, phone numbers, and workplace information were exposed. They also revealed full names of account IDs, links for their social media accounts, gender details, and even their phone numbers.
Linkedin Data Breach
We reported back in April that over 500,000,000 LinkedIn users’ data was shared on hacker forums. LinkedIn was again breached on June 22. A hacker obtained more than 700,000,000 user’s information online and offered it for sale. RestorePrivacy reported that a hacker posted data from 700 million LinkedIn users for sale on June 22nd.
A sample of data from 1 million users was posted by the hacker for public verification and satisfaction that they really have correct data. We investigated further and found that all the information provided is accurate and up-to-date.
LinkedIn confirmed that 500M records contained data from its servers in the April breach. However, it claimed that multiple sources were used in the breach. PrivacyShark has noted that this time, the company issued a similar statement:
We are still investigating the issue. However, our initial analysis shows that the data includes both information gathered from LinkedIn and information from other sources. It was not a LinkedIn data breach. Our investigation found that no private LinkedIn member data were exposed. We are working hard to protect our members’ privacy and scraping data from LinkedIn is against our Terms of Service.
Linkedin Official
The Dark Web has also listed the 700 million user dataset. For buyers, the hacker posted a sample of 1 million users. RestorePrivacy was the first to see this listing on Dark Web. TalkJarvis also checked the data. The Dark Web published a sample dataset containing user information such as email addresses and full names, geolocation records, profile URLs, LinkedIn usernames and password URLs, inferred salary, background and personal experiences, gender, and usernames and accounts on social networks.
TalkJarvis spoke directly with the hacker. They stated that the data was obtained using the LinkedIn API to extract information from people’s uploads to the site. While the dataset doesn’t contain passwords it is still highly valuable and could lead to phishing attempts or even identity theft.
Why Linkedin Data Breach is Concerning?
For most people, data breach news like this is just wow news as mainly people don’t care about their data. But, let me tell you, a data breach is as concerning as a leak of your ATM pin. Most of the scam calls and phishing calls use these sorts of breach data to do fraud with people.
Many scammers purchase these data from the dark web and do a portfolio analysis. Upon finding a suitable target, they surveillance on his/her activity and look for the right moment. When the right moment arrives they basically call or email the potential target using the name of a trusted company whose service the target use. Like, suppose he/she is using a phone of Samsung company. On-call or email they tell you that they are from Samsung customer service and they need to do a security update on your device. They build trust by using the breached data that they already have.
Upon building the trust, they install malicious software to control the device and steal whatever they can including bank account credentials and hence money. This is just one example, they are a lot of ways your leaked data can be used against you. They can also use identity theft to exploit money from your relatives, friends, etc.
So, Never take any data breach casually. It is essential to check the privacy settings, security, encryption, and privacy settings on the apps you use in order for your data to be protected. You must ensure you have created a strong password. Also, make sure to change them often. Enable two-factor authentication (2FA) wherever possible. You also should refuse to accept connections from unknown users, especially on Facebook and Linked In. Register to I Have Been Pwned and receive notifications if you have an email address that has been affected by a data breach.