Another day of 2021 and another data breach, like we didn’t have enough of those with Facebook I suppose. So LinkedIn got hacked and now the data, of over 700 million users, is out in the open. 700 million, LinkedIn has a total of around 756 million users. This means that almost 92.5% of the platform’s users have their data swimming around in the dark web. Maybe someone from the dark web will offer me a job now?
The hacker responsible for the data breach is currently unknown but the dataset obtained by him consists of various personal details of the user’s professional profile. These details include addresses, phone numbers, geolocation data, and inferred salaries. This isn’t even the first time LinkedIn suffered a data breach. Just last April, the platform confirmed a data breach of over 500 million users where personal details like email address, phone number, workplace information, full name, account IDs were leaked online.
The leak even included links to social media accounts and gender details. This time LinkedIn didn’t confirm that it was a data breach. The professional profile platform said that it did not face a data breach but the information was gained from scraping the network. Which is unlikely given the nature of the data in the leak.
The hacker has posted a sample dataset of 1 million users on sale for the right buyer on the Dark Web. The dataset was first discovered by the folks over at RestorePrivacy and the sample dataset has been verified by 9to5Google. The sample dataset includes the information discussed before including LinkedIn usernames, profile URLs, social media links, and usernames.
Reporters reached out to the hacker trying to figure out from them how they had gotten hold of so much data. The hacker responded by saying that the data was obtained by exploiting the LinkedIn API to harvest information that people upload to the site.
LinkedIn has since denied that the breach took place. “Our teams have investigated a set of alleged LinkedIn data that has been posted for sale. We want to be clear that this is not a data breach, and no private LinkedIn member data was exposed,” a statement from the company said. “Our initial investigation has found that this data was scraped from LinkedIn and various other websites and includes the same data reported earlier this year in our April 2021 scraping update. Members trust LinkedIn with their data, and any misuse of our members’ data, such as scraping, violates LinkedIn’s terms of service. When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable,” it added.
Even if it did take place, the data thankfully does not include the user’s passwords but the leaked information can lead to you getting a lot of spam mail and expose you to phishing attempts so better watch out. LinkedIn more like LeakedIn! (haha, I’ll see myself out).