The data of 700 million LinkedIn users have been online sale, which makes it one of the largest LinkedIn data leaks to date.
As reported, a second mass violation of LinkedIn exposes the data of 700 million users, which is more than 92% of the total of 756 million users.The database is on sale on the dark website, with records that include phone numbers, physical addresses, geolocation data and inferred salaries.
So far from 2021, there were already two separate incidents in which the hackers have exploited the professional networks platform to collect large amounts of user data.
The implications of this are of great reach, from the theft of identity to phishing attacks, social engineering attacks and more.
The Restoreprivacy site reports that the hacker seems to have misuse of the official LinkedIn API to download the data, the same method used in a similar infraction in April.
On June 22, a user of a popular hacker announced the sale of data of 700 million LinkedIn users.The forum user published a sample of the data that includes 1 million LinkedIn users.We examined the sample and found that it contained the following information:
Emails
Complete names
Telephone numbers
Physical addresses
Geolocation records
LinkedIn username and profile url
Personal and professional experience / background
Genders
Other social network accounts and user names
According to our analysis and cross verification of the sample data with other publicly available information, it seems that all data are authentic and linked to real users.In addition, the data seems to be updated, with samples from 2020 to 2021.
We communicate directly to the user who publishes the data for sale in the Piracy Forum.States that the data were obtained by exploiting LinkedIn's API to collect information that people carry on the site.
Passwords are not included, but as the site points out, these are valuable data that can be used for identity theft and convincing -appearance phishing attempts that can be used to obtain login credentials for LinkedIn and other sites.
With the previous violation, LinkedIn confirmed that the 500 million records included data obtained from their servers, but said that more than one source was used.