Data of 700 Million LinkedIn Users Has Been Compromised

 

A massive breach has purportedly compromised the data of over 700 million LinkedIn users. LinkedIn has a total of 756 million users, which means that this new hack has exposed the data of more than 92 percent of its users. An anonymous hacker is reported to have gotten a fresh dataset including personal information about LinkedIn users. Reportedly, the data exposed includes phone numbers, physical addresses, geolocation data, and inferred salaries. 

The data advertised by the hacker is “both authentic and up-to-date,” according to a recent investigation by the publication, with data points ranging from 2020 to 2021. The article goes on to say that the data breached comprises a lot of information. LinkedIn reported a data breach impacting 500 million customers in April, in which personal information such as email addresses, phone numbers, workplace information, complete names, account IDs, links to social network profiles, and gender characteristics were exposed online. 

According to LinkedIn, the information was obtained through skimming the network rather than a data breach. In an emailed statement, LinkedIn said, "While we're still investigating this issue, our initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources. This was not a LinkedIn data breach and our investigation has determined that no private LinkedIn member data was exposed. Scraping data from LinkedIn is a violation of our Terms of Service and we are constantly working to ensure our members' privacy is protected." 

The hacker has also uploaded a sample set of 1 million users for purchasers on the Dark Web, where the new dataset of 700 million users is also on sale. RestorePrivacy was the first to notice this listing on the Dark Web, and 9to5Google double-checked the sample data. 

User information such as email addresses, full names, phone numbers, physical addresses, geolocation records, LinkedIn username, and profile URL, inferred salaries, personal and professional experience/background, gender, and social media accounts and usernames are included in the sample dataset that has been published on the Dark Web. 

9to5Google reached out to the hacker who says that the data was obtained through hacking the LinkedIn API to gather the information that people upload to the site. Although the data does not include passwords, it is nevertheless extremely valuable and might be used in identity theft or phishing attempts.