If you are associated with a well-known brand, you are more likely to be a target of a scam. Whether it’s phishing or hacking or another malicious act, bad actors know that the biggest companies will yield more opportunities for mischief.
LinkedIn boasts hundreds of millions of users, so it’s no surprise that this mammoth online employment service gets targeted. In fact, LinkedIn made the top 10 list of most targeted companies for phishing attacks. Tap or click here for tips to avoid being targeted yourself.
A recent data leak consisting of the personal information of 700 million LinkedIn users has been put up for sale. Read on for details and a response from LinkedIn.
Here’s the backstory
On June 22, 2021, a user on a hacker forum advertised that they are selling the data of 700 million LinkedIn users, online security firm RestorePrivacy reported. A sample of 1 million was posted.
The information included names, email addresses, contact information, personal and professional background, gender, social media account information, location and addresses. As of now, login and financial information were not included in the leak.
With 756 million total users, this leak affects nearly 93% of them. RestorePrivacy asserts that the information is accurate and up to date according to its research into the matter.
Not a data breach
LinkedIn posted a response: “We want to be clear that this is not a data breach and no private LinkedIn member data was exposed. Our initial investigation has found that this data was scraped from LinkedIn and other various websites.”
The hacker himself told the security company that he got the data from LinkedIn’s API, or application program interface. If the hacker could access the API, he could intercept the information users entered into the site.
What does this mean to you?
While private data and financial information weren’t part of this leak, it could lead to nefarious things. It appears the data being sold on the Dark Web was scraped from LinkedIn. That means someone took the time to gather all the public information on the site, put it in a database and decided to use it as a money grab.
To stay protected, keep an eye out for phishing emails where cybercriminals spoof LinkedIn, trying to get you to hand over sensitive information. The information gathered could also be used to try and steal your identity. So keep an eye on your credit report for any suspicious activity.
And remember, stay vigilant. Don’t open any links or attachments from suspicious or unfamiliar emails. If you get a message from a company you are familiar with, tread very carefully. Contact the company directly if you have any concerns.