- By Henry Faulkner Brittany
- June 27, 2022
LinkedIn Data Leak: Information scraped from around 500 million LinkedIn user’s profiles is part of a database posted for sale on a website popular with hackers, the company confirmed the LinkedIn data breach on Thursday.
On Tuesday, the sale of LinkedIn user’s data was first reported by cybersecurity news and research site CyberNews, which said that an archive including user IDs, names, email addresses, phone numbers, genders, professional titles, and links to other social media profiles was being auctioned off on the forum for a four-figure sum.
LinkedIn leak: According to LinkedIn, the database for sale “is actually an aggregation of data from a number of websites and companies.” The LinkedIn user data includes only information that people listed publicly in their profiles, the professional social media site, which is owned by Microsoft (MSFT), said in a Thursday statement.
“This is not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review,” the company said.
The news comes just days after a separate incident in which data scraped from more than 500 million Facebook user’s in 2019 — including phone numbers, birthdays, emails, and other information — was posted publicly on a website used by hackers. While these kinds of data are less sensitive than, say, credit card details or social security numbers, information like phone numbers can still be exploited by bad actors, including for robocall scams.
LinkedIn user’s are more than 675 million, according to its website, meaning that around three-quarters of its LinkedIn user’s information may be included in the database.
Social media companies have tools in place aimed at preventing scrapers — LinkedIn on its terms page details “technical measures and defenses” against such abuse — but they don’t always work.
The company said that “any misuse of our members’ data, such as scraping” violates its terms of service, which prohibit third-party software, bots, browser extensions, or plug-ins that scrape data from the site.
“When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable,” LinkedIn said in its statement.
The company did not immediately respond to a request for comment about whether it will alert user’s whose data was scraped and is included in the LinkedIn database for sale.
You May Also Like To Read…..