cloudThing logo in white
Menu open icon
email: info@cloudthing.com
tel: +44 (0) 121 393 4700
Menu closed icon

General

Generally useful pages

Sectors

We know loads about this stuff

What we do

The Building Blocks for cloudThing Magic

700m At Risk After Massive LinkedIn Data Breach

Sun Jul 04 2021

700 million users of LinkedIn have had their data scraped and put up for sale on hacker site ‘RaidForums’.

LinkedIn has been the target of scraping incident, in which 700 million LinkedIn records – 92% of the estimated 756 million users – have been posted on the hacker site ‘RaidForums’ just two months after a similar incident back in April 2021. The user who uploaded the post also asked for a minimum ‘four-digit- sum for access.

Privacy Sharks researchers examined a sample of 1 million users provided by the threat actors, and found they contained information like full names, genders, phone numbers, email addresses and industry information.

To quibble in the semantics for a moment, LinkedIn denies claims of this being a data breach, as all the information is publicly available and that none of the private information of users has been breached.

Data scraping is the aggregation of public data ‘from a number of websites and companies’ and ‘publicly viewable profile member data’ – and it is in direct violation of LinkedIn’s terms of service.

In an update on the company website, they stated:

open quote mark

When anyone tries to take member data and use it for purposes LinkedIn and our members haven't agreed to, we work to stop them and hold them accountable. Our teams have investigated a set of alleged LinkedIn data that has been posted for sale. We want to be clear that this is not a data breach, and no private LinkedIn member data was exposed.

LinkedIn June Update

close quote mark

The investigation also revealed that 700 million users’ information includes 500 million user’s data from the April 2021 incident.

We’ve gone over the who and the what, but why have hackers gone through the effort of obtaining this information?

This kind of personal information can be used to create detailed profiles of potential victims and target them for more sophisticated phishing and social engineering attacks. Mostly likely, those whose email addresses and phone numbers have been scraped will be spammed with emails and phone calls or even have their LinkedIn profiles and associated email addresses brute-forced.

It is always, always imperative when browsing the internet to include two-factor authentication and regularly updating your passwords across all social media in preventing sensitive information being aggregated or leaked.

Not Quite Ready To Get Back To Work Just Yet?

UK BUSINESSES NEED TO PREPARE FOR THE GREAT ANALOGUE SWITCH-OFF

NATIONAL TRUST CALLS OUT THE SPECTATOR IN EPIC STYLE

© cloudThing 2021

Sun Jul 04 2021

email iconinfo@cloudthing.com
© 2020 Copyright cloudThing ltd. All rights reserved. Company registered in England & Wales no. 7510381, VAT no. 152340739