700 Million LinkedIn Users Leaked On Hacker Forum

700 Million LinkedIn Users Leaked On Hacker Forum

The data of 700 million LinkedIn users leaked on an online hacker forum. This attack follows an earlier leak of users of the business-oriented social media platform.

Analysts from Privacy Shark discovered the data in a post by a hacker calling themself “GOD User TomLiner.” The hacker has put the data cache for sale. The data appears to have been scraped from public profiles and other sources.  

While LinkedIn users’ data appear to have been leaked,the social media platform contends this was not a data breach. In a statement to Privacy Sharks, LinkedIn said: “While we’re still investigating this issue, our initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources. This was not a LinkedIn data breach and our investigation has determined that no private LinkedIn member data was exposed. Scraping data from LinkedIn is a violation of our Terms of Service and we are constantly working to ensure our members’ privacy is protected.”

LinkedIn suffered a similar leak of about 500 million users in April. It remains unclear how much information from that leak might have been copied into this one. 

We compiled some cybersecurity expert commentary on the Linked users’ data leak. Here’s what they had to say.

700 Million LinkedIn Users Leaked On Hacker Forum

Uriel Maimon

Uriel Maimon is Senior Director of Emerging Technologies at PerimeterX.

“It’s important to remember that when sensitive information leaks, it doesn’t affect just the website that leaked it. The users can be affected for years to come in completely unexpected ways.

For example, private information can be used to create synthetic identities that are then used to generate fraudulent credit card or loan applications which inevitably affects the original users but also the financial institution. Our recent PerimeterX Automated Fraud Benchmark Report found that ATO and credential stuffing are two of the most damaging types of automated attacks faced by businesses today, which affect the original website whose brand and image will inevitably suffer and whose reporting obligations and liability may be very costly.

Web app security is everyone’s problem, and we must all work together to make the web a safer place.”

Chris Clements

Chris Clements is VP of Solutions Architecture at Cerberus Sentinel.

“This appears very similar to other recent LinkedIn data leaks and while the initial reaction may be to shrug off the information disclosed as being unimportant or harmless to be public there are a few notable exceptions. Phone numbers can be used to harass individuals or perform SIM swapping attacks to take over other online accounts. Physical addresses and especially geolocation data can be used to stalk users in person. Moreover, the combined information will enable attackers to develop more targeted and convincing social engineering lures to compromise unsuspecting victims.

The size and regularity of mass-scale data leaks can lend itself to a defeatist attitude about the future of privacy and security online, however, these are problems that can be vastly improved given the right attention and resources. Organizations must adopt a true culture of security to ensure that data users entrust to them remains safe from unintended disclosure. Security must be built into the design of applications with the expectation that any functionality like data export APIs can and will be abused by malicious actors. Even beyond design, all systems and applications should be regularly penetration tested to ensure no mistakes or oversights have been introduced that may expose sensitive data. Continuous monitoring for suspicious behavior is also critical for ensuring that any malicious activities can be caught and stopped before widespread damage has been done.”

James McQuiggan

James McQuiggan is Security Awareness Advocate at KnowBe4.

“The use of data scraping is a common practice of collecting available data online from a website. In this case, the information that users posted online in the past was the subject of the data taken from the website.

The concern will be the email addresses, names, phone numbers, and other data that can be leveraged for social engineering scams. In today’s society, users should always be aware of phishing attacks in their mailboxes and implement a trust but verify mentality regarding emails in their inbox that offer money or that mention deactivated accounts.

In the past, research has shown that more people fall for phishing emails when it comes to their social media accounts like LinkedIn or Facebook. Users must monitor their email, avoid clicking on any links and visit the actual social media account to determine anything wrong with an account.”

Thanks to these experts for their time and expertise. For more, check out the SIEM Buyer’s Guide

Ben Canner