Menu Close

Cybersecurity: LinkedIn data breach puts 700m users’ vital records at risk

*Experts say the data breach may have compromised 93 percent of the platform’s user accounts, including full names, e-mail addresses, salaries and geolocation records online

Isola Moses│ConsumerConnect

With the data already put up for sale online, a LinkedIn breach could have unveiled the personal data of 93 percent of its user base, or around 700 million accounts.

According to RestorePrivacy, the data has already been offered for sale in the Cpberspace.

The group noted that after contacting the seller, it discovered that everything from full names and email addresses to a person’s salary and geolocation records were part of the package that cybercriminals put up for sale on the Internet.

It was learnt that LinkedIn has a pretty buttoned-up reputation, but it is not leakproof. Already, the global tech giant was reported to have been through two breaches so far in 2021, including a massive hack in which data on 500 million LinkedIn users was scraped from the site and sold online.

What was stolen from user base

As part of its communication with the seller, a sample of what was stolen was shared with RestorePrivacy, including the following:

Email Addresses

Full names

Phone numbers

Physical addresses

Geolocation records

LinkedIn username and profile URL

Personal and professional experience/background

Genders

Other social media accounts and usernames

RestorePrivacy, agency report noted, also confirmed that the personal data is both up to date and authentic.

LinkedIn users can breathe a small sigh of relief because login credentials and financial data did not appear to be a part of the breach, report said.

However, there’s still a lot to be concerned about in this regard.

Sven Taylor of RestorePrivacy said: “There is still a treasure trove of information for bad actors to exploit for financial gain.

“While this latest LinkedIn leak did not contain any financial records or login credentials, there are still serious consequences.”

Taylor said those repercussions put 700+ million people at risk of identity theft, phishing attempts, social engineering attacks, and hacked accounts.

LinkedIn validates the breach

While affirming the data breach, LinkedIn in a statement its Web site, confirmed the breach but couched it in a much softer way than RestorePrivacy’s.

The social media platform stated: “We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies.

“It does include publicly viewable member profile data that appears to have been scraped from LinkedIn.”

“This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.”

LinkedIn also said that scraping violates its terms of service and that it will be working to stop anyone who does it and hold them accountable.

Madeleine Hodson, Senior Writer at PrivacySharks told ConsumerAffairs, that “for consumers, the leak is a reminder of the fragility of networks like LinkedIn’s where mass amounts of identifiable data can, seemingly, be easily scraped and shared online.

“The overall impact of the breach may ultimately reduce users’ confidence in these platforms where they are required to share a lot of personal details.”

How secure are your passwords and data?

If you haven’t taken a hard look at how your personal data is being protected, this latest breach may provide the motivation to finally do it.

There is a guide that includes information on steps you can take and security companies that can lock down your personal data.

Exposed passwords are a key target for hackers, but as one study recently found, most people never know their passwords were ever compromised.

If you’re curious about how long it would take for a hacker’s software to figure out your password, you might be surprised.

Kindly Share This Story

 

 

Kindly share this story