Less than a week after personal information from a halfbillion scratched Facebook profiles were filtered in the digital underground world, it seems to have the largest professional network in the world suffered a similar fate. It appears that now, like Facebook, approximately 500 million scratched LinkedIn profiles are being produced sold on the dark web to the highest bidder.
That story was originally broken earlier this week of Cyber News, whose staff discovered the huge illicit cache during the online investigation. LinkedIn has denied that its systems have been breached.
The data, it seems, is it is sold in a popular clandestine forum to include LinkedIn identifiers, full names, phone numbers, email addresses, and gender, as well as links to profiles and other associated social media profiles. It doesn’t seem to include account credentials or financial information.
The hacker asks for a “minimum four-digit price $$$$” for all data, but charges other criminals $ 2 in forum credits for accessing leaked samples, as a way to legitimize the reservation, Cyber News Reports. The output pointed this out “It is unclear whether the threatening actor sells updated LinkedIn profiles or whether the data has been extracted or aggregated due to a previous infringement suffered by LinkedIn or other companies.”
G / O Media may receive a commission
When it arrived via email, LinkedIn confirmed that it was studying the topic: “While we are still investigating this issue, the published dataset appears to include publicly visible information that has been extracted from LinkedIn combined with aggregated data from other websites or companies, ”the company spokesman told Gizmodo on Wednesday. “Deleting the data of our LinkedIn members violates our terms and conditions and we are constantly working to protect our members and their data.”
On Thursday, the company released a public statement about the incident, further clarifying that the data was an “aggregation” of data that had been extracted from the site, as well as from other websites:
We investigated an alleged LinkedIn data set published for sale and determined that it was actually an aggregation of data from various websites and companies. Includes publicly visible member profile data that appears to have been extracted from LinkedIn. This was not a violation of LinkedIn data and no data from the LinkedIn private member account was included which we were able to review.
If the alleged leak has so far not piqued the interest of U.S. officials, other countries appear to be interested.
On Thursday, the Italian Data Protection Authority, the country’s privacy watchdog, announced who would begin to study the matter. He issued the following statement [as translated from Italian to English via Google]:
“The Guarantor for the protection of personal data has initiated an investigation against Linkedin after the violation of social networking systems that led to the dissemination of user data … this data could be used for a number of conduct il Ranging from unwanted calls and messages to serious threats such as online scams or identity theft or phenomena such as the so-called “SIM exchange,” a technique used to infringe on certain types of online services that use the mobile number as an authentication system ”.
The incident is also apparent which is being investigated in Hong Kong, where the local government’s Privacy Commissioner for Personal Data (PCPD) was recently informed: In its initial response, LinkedIn indicated that it is investigating the matter. The PCPD has also issued a letter of inquiry on LinkedIn to ask for clarification, “a spokesman for the agency said. in an email.
It is not exactly clear what these clarifications are, although the fact that several governments are concerned about this would seem to give credibility to the legitimacy of the leak.
While filtration involves LinkedIn it is not deeply personal data breach nightmare things (i.e. SS ocial(financial information, etc.), could still be easily captured and used by bad actors for nefarious purposes. To check if your information has been compromised, you can use Cyber News “data leak tester”, Which have recently been updated to include some data extracted from the leak.