Security News > 2021 > June > Data for 700M LinkedIn Users Posted for Sale in Cyber-Underground

Analysts from Privacy Sharks stumbled across the data put up for sale on RaidForums by a hacker calling himself "GOD User TomLiner." The advertisement, posted June 22, claims that 700 million records are included in the cache, and included a sample of 1 million records as "Proof."

It contained an "Aggregation of data from a number of websites and companies" as well "Publicly viewable member profile data," LinkedIn said at the time.

"This was not a LinkedIn data breach and our investigation has determined that no private LinkedIn member data was exposed. Scraping data from LinkedIn is a violation of our Terms of Service and we are constantly working to ensure our members' privacy is protected."

It added, "Expert hackers may still be able to track down sensitive data through just an email address. LinkedIn users could also be on the receiving end of email or telephone scams that trick them into sharing sensitive credentials or transferring large amounts of money."

"It is not uncommon to see such data sets being used to send personalized phishing emails, extort ransom or earn money on the Dark Web - especially now that many hackers target job seekers on LinkedIn with bogus job offers, infecting them with a backdoor trojan," Candid Wuest, Acronis vice president of cyber-protection research, said via email at the time of the first data-scraping incident.

Users should secure their LinkedIn accounts by updating passwords and enabling two-factor authentication.

News URL

https://threatpost.com/data-700m-linkedin-users-cyber-underground/167362/