Hackers scraped data from 500 million LinkedIn users - about two-thirds of the platform's userbase - and have posted it for sale online
datafrom 500 million
- LinkedIn said it's investigating and confirmed that the dataset includes scraped data from its site.
newscomes after personal data from 533 million Facebook users was found to be exposed.
Data from 500 million LinkedIn users has been scraped and is for sale online, according to a report from Cyber News. A LinkedIn spokesperson confirmed to Insider that there is a dataset of public information that was scraped from the platform.
"While we're still investigating this issue, the posted dataset appears to include publicly viewable information that was scraped from LinkedIn combined with data aggregated from other websites or companies," a LinkedIn spokesperson told Insider in a statement. "Scraping our members' data from LinkedIn violates our terms of service and we are constantly working to protect our members and their data."
LinkedIn has 740 million users, according to its website, so the reported data scraping of 500 million users means about two-thirds of the platform's user base could be affected.
The data includes account IDs, full names, email addresses, phone numbers, workplace information, genders, and links to other
It's been posted for sale on a hacker forum, and the post's author also leaked a sample of 2 million records as a proof-of-concept, according to CyberNews. The hacker is attempting to sell the trove of data for a 4-digit sum, per the outlet, and potentially in the form of bitcoin.
CyberNews researchers confirmed that the data was scraped from LinkedIn users but noted that the information could have been taken from the profiles at a previous date rather than recently.
Paul Prudhomme, an analyst at security intelligence company IntSights, told Insider that the exposed data is significant because bad actors could use it to attack companies through their employees' information.
"Such attacks may be more likely to succeed due to the rise of remote work and the increased use of home or personal devices for work due to the COVID-19 pandemic," Prudhomme said. "Attacking companies via their employees' personal accounts and devices is one way for attackers to work around enterprise network security defenses."
The report comes soon after data from Facebook was also exposed on the web. Insider's Aaron Holmes reported last weekend that the personal data, including full names, locations, and email addresses, was posted in a hacking forum. A Facebook spokesperson said the data was scraped due to a vulnerability that the company addressed in 2019.
Security researchers told Insider that
- From marketing and tech to leadership - learn new skills and explore new possibilities with these Udemy courses
- Facebook and Microsoft aren’t the only ones creating a metaverse — here are five popular coins looking to create digital worlds
- Loaded Lion NFT sells for $1 million — three days after launching at $200
- Mukesh Ambani-led Reliance Jio hikes prices of its plans by 21%
- Facebook, Microsoft and others look towards the $1 trillion dollar ‘metaverse’ opportunity — but that contradicts the base philosophy behind Web 3.0
- Paytm Q2 result — Operational revenue crosses ₹1000 crore, loss widens by ₹37 crore
- These Indian states have the highest number of international airports; UP tops the list
- Centre raises Bengal labour budget for creation of 27 cr man-days