Popular Articles
Today Week Month Year


Massive DATA BREACH exposes personal data of 700 million users of Microsoft-owned LinkedIn
By Arsenio Toledo // Jul 04, 2021

For the second time this year, Microsoft-owned social networking and employment service LinkedIn has experienced a data breach.

Brighteon.TV

According to Ben Lovejoy, tech journalist for 9to5Mac, a hacker exposed the personal data of around 700 million users. This represents around 92 percent of the platform's more than 756 million total users.

The data breach was discovered on June 22 when the hacker responsible advertised the sale of the data on a forum on the dark web. The hacker posted a sample of one million records on the dark web. From this sample, the data was confirmed to be genuine and up to date. Some of the personal information the hacker obtained include:

  • Email addresses
  • Full names
  • Phone numbers
  • Physical addresses
  • Geolocation records
  • LinkedIn usernames and profile URLs
  • Personal and professional experience and background
  • Genders
  • Connected social media accounts and usernames
  • Inferred salaries

The hacker was not able to obtain the LinkedIn passwords of the users nor any financial records. But the above-mentioned data is still valuable as it exposes LinkedIn users to a higher risk of exploitation by bad actors.

The stolen data can be used for identity theft and to create full detailed profiles of their potential victims for convincing-looking phishing attempts or even for social engineering attacks.

Bad actors can also use the available data, particularly the usernames, emails and other personal information, to hack and gain access to other accounts. Once these bad actors get access to a person's private data, there's no getting it back.

The first breach of LinkedIn data occurred in early April, and the data of around 500 million users was scraped from the site. The company said the breach also scraped information from other websites. (Related: Massive data breach leads to leak of 533 million Facebook user accounts, but Facebook won't even alert its own users.)

Hacker acquired data through LinkedIn's API

Restore Privacy journalist Sven Taylor was able to interview the hacker responsible for the data breach. The latter claims the data was obtained by exploiting LinkedIn's API, or application programming interface.

An API is a set of functions that allow developers to easily interact with applications and websites. If a developer wants to make changes to LinkedIn, an API can help him process the changes and input them in the appropriate areas. This saves developers a lot of time and reduces the amount of code they need to create.

During a short interaction on the messaging service Telegram, Taylor explained that the hacker demanded $5,000 for the complete data set that showed how he was able to obtain the data through the LinkedIn API.

But in an email with a LinkedIn spokesperson, the company said not all of the data could have been acquired through the LinkedIn API. Instead, the company believes at least some of the data was likely obtained by scraping public information available on other platforms.

In a statement, the company said:

"Our teams have investigated a set of alleged LinkedIn data that has been posted for sale. We want to be clear that this is not a data breach and no private LinkedIn member data was exposed. Our initial investigation has found that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in our April 2021 scraping update."

Taylor points out that LinkedIn's definition of what constitutes "private data" is most likely very subjective. The company's statement is also not denying that some data was harvested from its servers.

As of press time, all of the data the hacker stole from LinkedIn is still up for sale on the dark web.

Learn more about how hackers can acquire people's personal data from websites like LinkedIn by reading the latest articles at PrivacyWatch.news.

Sources include:

Breitbart.com

9to5Mac.com

RestorePrivacy.com

HowToGeek.com

SeekingAlpha.com



Take Action:
Support NewsTarget by linking to this article from your website.
Permalink to this article:
Copy
Embed article link:
Copy
Reprinting this article:
Non-commercial use is permitted with credit to NewsTarget.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.

NewsTarget.com © 2022 All Rights Reserved. All content posted on this site is commentary or opinion and is protected under Free Speech. NewsTarget.com is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. NewsTarget.com assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published on this site. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
News Target uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Close
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.