Data from 500M LinkedIn users reportedly scraped, for sale online

Following the news of a major Facebook data leak comes another cybersecurity issue that will likely need attention: the scraping of data from some 500 million LinkedIn profiles.

Cybernews reported on Tuesday, April 6, that the scraped data was put for sale on a hacking forum, with some two million records leaked online as proof of concept.

The hacker is said to be looking for a four-digit sum for the data, likely in bitcoin.

The scraped data is said to include the following:

  • LinkedIn IDs
  • Full names
  • Email addresses
  • Phone numbers
  • Genders
  • Links to LinkedIn Profiles
  • Links to other social media profiles
  • Professional titles and other work-related data

In a follow-up report from Business Insider on April 9, a LinkedIn spokesman said, "While we're still investigating this issue, the posted dataset appears to include publicly viewable information that was scraped from LinkedIn combined with data aggregated from other websites or companies."

The spokesman added, "Scraping our members' data from LinkedIn violates our terms of service and we are constantly working to protect our members and their data."

Such scraped data can be used to attack companies through employees' information.

Paul Prudhomme, an analyst at security intelligence company IntSights, told Business Insider that taking advantage of and attacking companies through employees' personal accounts or devices "is one way for attackers to work around enterprise network security defenses." – Rappler.com

Victor Barreiro Jr.

Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.

image