2 min read

Profiles and Associated Info of Half a Billion LinkedIn Users For Sale on Hacking Forum

Alina BÎZGĂ

April 09, 2021

Profiles and Associated Info of Half a Billion LinkedIn Users For Sale on Hacking Forum

Fact: Half a billion LinkedIn users are in for an unpleasant surprise, as scraped datasets of their profile information are up for sale right now on an underground forum.

The database was auctioned for a four-digit sum (minimum), according to the cyber thief who advertised the trove of user information. To entice buyers, he even provided a leaked sample containing the information of 2 million LinkedIn users. Any prospective buyer can go through the data for a $2 payment in forum credit.

Check if your personal info has been stolen or made public on the internet with Bitdefender”s Digital Identity Protection tool. 

What type of data was leaked?

According to Cybernews researchers who analyzed the samples, the data includes a combo of LinkedIn profiles and associated info, such as user IDs, full names, email addresses, phone numbers, gender, professional titles, job-related descriptions, profile and social media profile links.

A new breach or data-scraping venture?

The archive contains allegedly scraped user profile information from LinkedIn and is not part of a new data breach.

LinkedIn also confirmed the claims provided by the threat actor in a recent Corporate Communications message:

“We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies,” the notification reads. “It does include publicly viewable member profile data that appears to have been scraped from LinkedIn. This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we”ve been able to review.”

The online service has also made it clear that any misuse of user data, including web-scraping techniques, clearly violate the platform”s terms of services:

“Any misuse of our members” data, such as scraping, violates LinkedIn terms of service,” LinkedIn added. “When anyone tries to take member data and use it for purposes LinkedIn and our members haven”t agreed to, we work to stop them and hold them accountable.”

What should victims expect?

Although no sensitive or financial data was included in the leaked files, the information can be exploited by scammers and threat actors to conduct targeted phishing and smishing attacks or even brute-force the password to take over accounts.

The best way to protect your account and professional identity is to keep an eye out for suspicious and unsolicited communications you may receive via email, text message, or the LinkedIn chat feature. Even if account passwords have not been exposed, it”s never a bad idea to change the password for online accounts and enable two-factor authentication.

Since the data leak has already made headlines, threat actors might try to send out phishing emails that urge you to access a fake link to make modifications to your account or change the password.

Don”t click on suspicious links you might receive in your Inbox. Head to the official website and look for notifications.

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing) E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)
Alina BÎZGĂ

July 29, 2021

5 min read
Protect Yourself from Pegasus - the Most Advanced Mobile Spyware in the World Protect Yourself from Pegasus - the Most Advanced Mobile Spyware in the World
Silviu STAHIE

July 27, 2021

3 min read
The UK Government Plans to Make Digital Identities Secure and Trusted Official Documents The UK Government Plans to Make Digital Identities Secure and Trusted Official Documents
Alina BÎZGĂ

July 21, 2021

1 min read