- Personal information from 500 million LinkedIn users was scraped and is being offered for sale on an online hacking forum.
- LinkedIn announced that it was investigating the matter as well as confirmed the data is comprised of scraped data from the website.
- The announcement comes following the discovery of personal information of 533 million Facebook users was discovered to have been exposed.
The data from 500 million LinkedIn users was scraped and is available for purchase on the internet according to a report published by Cyber News. An official from LinkedIn spokesperson told Insider that they have an information set of public records that was scraped from LinkedIn.
“We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that the data is actually aggregated from a number of websites and companies,” an official LinkedIn spokesperson told Insider. We’ve been able to review publicly visible member profile data that appears to have been scraped from LinkedIn. There was no LinkedIn data breach, and no private member account data was included.”
LinkedIn boasts 740 million active users, as per their website The report of data scraping affecting 500 million users is roughly two-thirds of LinkedIn’s users could be affected.
The information includes account IDs complete names email addresses, telephone numbers, information about work genders, hyperlinks for other accounts on social networks.
The data has been advertised for sale on a hacker’s forum and the author of the post has also released a copy with 2 million files to serve as an evidence-of-concept, as per CyberNews. The hacker is trying to offer the vast amount of information for a four-digit amount, according to the publication and could even take Bitcoin.
CyberNews researchers verified that the information was taken from LinkedIn users. However, they they also noted that the data could have come from their profiles of a different date, rather than a recent.
Paul Prudhomme, an analyst at the security intelligence firm IntSights Paul Prudhomme, a security analyst from IntSights, said to Insider that the information that was exposed is crucial because malicious actors could be able to use it to attack companies by stealing employees’ personal information.
“Such attacks may be more likely to succeed due to the rise of remote work and the increased use of home or personal devices for work due , Prudhomme said. A way for attackers to get around enterprise network security defenses is to attack companies using their employees’ personal accounts and devices.”
The announcement comes shortly after the data of Facebook was also released on the internet. The Insider’s Aaron Holmes reported last weekend that the private information that included names, places as well as email addresses, was published on an online hacking forum. A Facebook spokesperson confirmed that the information was scraped because of a security flaw that was addressed by the company in the year 2019.
Security researchers have told Insider they believe hackers can make use of the information to impersonate them , or trick them into divulging confidential login details.
