700M Users’ LinkedIn Accounts for Sale on the Dark Web

 Just two short months ago, LinkedIn users were slammed with the news that 500 million user profiles were scraped from the platform and available online to hackers and thieves. Now, threat researchers have discovered a new batch of LinkedIn user data sets for 700M users.

The Data Breach Details

Research analytical company Privacy Sharks discovered 700 million user profiles on a dark web forum called “RaidForums” by a hacker named “GOD User TomLiner.” According to Threatpost, ‘The advertisement, posted June 22, claims that 700 million records are included in the cache, and included a sample of 1 million records as “proof.”’

Privacy Sharks downloaded the proof data and examined it. They confirmed that LinkedIn user account data included full names, gender, email addresses, phone numbers, and industry information. The researchers could not determine how the data was acquired, but they suspect the hackers once again used data scraping. The 500 million profiles snagged back in April were obtained through this method. LinkedIn commented on that incident by stating that the breached data was an “aggregation of data from a number of websites and companies” as well as “publicly viewable member profile data.”

In both cases, LinkedIn confirmed that hackers did not acquire the data from accessing their servers directly or through a data breach using malware.

What is LinkedIn Doing About It?

Upon hearing about the data leak, LinkedIn responded with;

“While we’re still investigating this issue, our initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources,” according to the company’s press statement. “This was not a LinkedIn data breach, and our investigation has determined that no private LinkedIn member data was exposed. Scraping data from LinkedIn is a violation of our Terms of Service, and we are constantly working to ensure our members’ privacy is protected.”

Privacy Sharks’ blog post added,

“This time around, we cannot be sure whether or not the records are a cumulation of data from previous breaches and public profiles, or whether the information is from private accounts.”

“We employ a strict policy of not supporting sellers of stolen data and, therefore, have not purchased the leaked list to verify all of the records.”

No payment card information or personally identifiable information (PII) was in the data set. These items could be used for identity theft and fraud.

What is Data Scraping?

Cybercriminals use various tools and resources to cull data from websites and services, which allow them to get around the security protocols. One of these techniques is called data scraping. It allows hackers to grab public-facing data that is typically not accessible without direct access (such as being linked to each profile account). Often, they can access hundreds and thousands of accounts simply by being connected to one of them. It is a very effective method of grabbing data.

Does This Data Leak Pose a Problem for LinkedIn Users?

Yes. Even just phone numbers and email addresses put LinkedIn users at risk. Hackers purchase large lists of email addresses or phone numbers to wage phishing campaigns and other types of fraud. This information could also lead to identity theft by connecting it to other stolen details or the procurement of sensitive credentials through fraudulent tactics like social engineering or malware infection. The leaked data may also open up users to the potential danger of brute force attacks.

To protect themselves, users should immediately change their passwords, turn on two-factor authentication for all their accounts and keep a close eye on credit, debit, and bank accounts. They should also be wary of any unsolicited emails or phone calls that appear to be legitimate but may be fraudulent.