500 million Linkedin profile data is offered for sale in a popular hacker forum. As proof, interested parties can get two million records for a minimal fee. This is data such as names, email addresses, telephone numbers and employers published publicly by LinkedIn users. Linkedin is investigating the incident and calling it unauthorized scraping of member data.
According to a report by Cybernews become two million Linkedin records offered for $ 2 forum credits. The complete 500 million profile data can then be obtained on request for at least a four-digit price. Sensitive data such as passwords, credit card or bank information, however, do not belong in the view of the data sets offered as evidence, since only automated queries – so-called “scraping” – were used on a large scale for the data collection.
According to LinkedIn, unauthorized scraping of public data
The member data offered include LinkedIn IDs, full names, email addresses, phone numbers, gender, job title and other job-related data, links to LinkedIn profiles and profiles in other social networks. These are all data published by the LinkedIn users themselves and can be viewed by other LinkedIn users. However, they can be used in aggregated form for phishing attacks or brute force methods to determine passwords.
At the request of the ZDF explained Linkedin itself: “The investigation of the incident has not yet been completed, but the published data set appears to contain publicly available information that was tapped by LinkedIn and combined with data from other websites or companies. This so-called scraping of member data violates the LinkedIn Terms of Use and we are constantly working to protect our members and their data. ”
Facebook & Linkedin in the sights of the data collectors
Just a few days ago, data from hundreds of millions of Facebook users was rediscovered online. The confidential data of Facebook users has appeared in a forum for cyber criminals. They come from a leak in 2019. Facebook fixed this problem at the time, but now the data was available free of charge.
In 2012, LinkedIn passwords were already in circulation. A list of over 6 million password hashes from LinkedIn was circulating in relevant Internet forums. In 2016, however, it became known that the LinkedIn password leak had assumed disastrous proportions, as not only the 6 million passwords published at the time were stolen, but more than 100 million were traded underground.
According to its own information, Linkedin currently has almost 740 million registered users from over 200 countries. It is still unclear whether the 500 million profile data now offered is current or a result of previous attacks. Anyone who wants to know whether their LinkedIn profile is affected can do so using a Cybernews website and check the email address stored on LinkedIn.
(fds)
.
