A new massive LinkedIn breach made the headlines, a database containing data of 700M users, more than 92% of the total 756M users, is available for sale on forums on the dark web.
The exposed records include email addresses full names, phone numbers, physical addresses, geolocation records, LinkedIn username and profile URL, personal and professional experience/background, genders, and other social media accounts and usernames. Passwords are not included in the archive.
The threat actor that is offering for sale the data shared a sample of 1M records as proof of the authenticity of the archive. According to media that analyzed the data were able to confirm that they are genuine and up-to-date.
According to the RestorePrivacy website, the threat actor abused the official LinkedIn API to download the data
“We reached out directly to the user who is posting the data up for sale on the hacking forum. He claims the data was obtained by exploiting the LinkedIn API to harvest information that people upload to the site.” reported RestorePrivacy.
Data available for sale exposes 700+ million people at risk of cybercriminal activities, including identity theft, phishing and social engineering attacks, and account hijacking.
(SecurityAffairs – hacking, LinkedIn)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.