Identitytheft.org is a privately owned website and is not associated with any government agencies.

The LinkedIn Data Breaches: What to Do and Who Was Affected

LinkedIn has experienced several data breaches over the years. Here are some of the notable ones:

  • 2012 Breach: In 2012, LinkedIn suffered a massive data breach where the hackers stole 167 million user records, including usernames and passwords. The company only became aware of the breach in 2016, and it forced all affected users to reset their passwords.
  • 2016 Breach: In May 2016, LinkedIn experienced another data breach where 117 million email and password combinations were stolen. The data was then sold on the dark web. The company also required all affected users to reset their passwords.
  • 2018 Breach: In September 2018, LinkedIn suffered another data breach where attackers accessed the data of 700 million users. The data included LinkedIn IDs, full names, email addresses, phone numbers, genders, and professional titles. The company claimed that no financial or payment information was compromised.
  • 2021 Breach: In June 2021, LinkedIn reported that an archive containing data scraped from the platform, including user IDs, full names, email addresses, phone numbers, and workplace information, had been posted for sale on a popular hacker forum. The data of approximately 700 million users was believed to be included in the archive.

These breaches have exposed millions of users’ data, including personal information and login credentials, which can be used for malicious purposes such as identity theft and account takeover. It is essential for users to monitor their accounts and change their passwords regularly to stay safe.

The 2012 LinkedIn Breach

The 2012 LinkedIn data breach is one of the largest data breaches in history. In June 2012, hackers gained access to LinkedIn’s network and stole 167 million user accounts. The stolen data included usernames, email addresses, and hashed passwords.

The breach was discovered in 2016, when a hacker tried to sell the stolen data on the dark web. LinkedIn immediately launched an investigation and found that the stolen data was authentic. The company confirmed that the data belonged to LinkedIn users who had registered before the breach and that passwords were hashed using the SHA-1 algorithm.

Following the discovery of the breach, LinkedIn forced all affected users to reset their passwords and sent them an email notifying them of the incident. The company also took steps to improve its security measures, such as implementing two-factor authentication, increasing its use of encryption, and hiring a new chief information security officer.

The 2016 LinkedIn Breach

The 2016 LinkedIn data breach was another significant security incident that affected the platform’s users. In May 2016, hackers gained access to LinkedIn’s database and stole 117 million email and password combinations.

The stolen data was reportedly sold on the dark web, where cybercriminals could use it for various malicious activities, such as identity theft, phishing, and account takeovers. The passwords stolen in the breach were hashed using the SHA-1 algorithm, which was considered weak and easily crackable by hackers.

When the breach was discovered, LinkedIn immediately took action by forcing all affected users to reset their passwords and implementing more stringent security measures. The company also increased its use of encryption and multi-factor authentication to help protect users’ accounts from future attacks.

Following the breach, LinkedIn also faced criticism for not disclosing the incident sooner. The company had become aware of the breach in April 2016 but did not inform its users until May, leaving them vulnerable to potential attacks.

The 2018 LinkedIn Breach

The 2018 LinkedIn data breach is one of the largest security incidents in the platform’s history. In September 2018, hackers gained access to the LinkedIn network and stole data from approximately 700 million user accounts.

The stolen data included users’ LinkedIn IDs, full names, email addresses, phone numbers, genders, and professional titles. The company confirmed that no financial or payment information was compromised during the breach.

The breach was discovered after the hackers attempted to sell the stolen data on the dark web. LinkedIn took immediate action to investigate the breach and implemented various measures to improve its security, such as increasing its use of encryption and multi-factor authentication.

Following the breach, LinkedIn also required all affected users to reset their passwords and sent them an email notification informing them of the incident. The company also encouraged users to monitor their accounts for any suspicious activity and to report any unauthorized access immediately.

The 2021 LinkedIn Breach

There was a reported data leak of 700 million LinkedIn records in April 2021, but it was not a data breach. It is believed that the data was scraped from publicly available information on the LinkedIn platform, such as user profiles, without any unauthorized access to the company’s systems or databases.

The leaked data reportedly included users’ full names, email addresses, phone numbers, and LinkedIn profile URLs, along with other publicly available information. It is unclear who was responsible for the data scraping or what their intentions were for the stolen data.

Following the incident, LinkedIn stated that they would take legal action against those responsible for the data scraping and encouraged users to monitor their accounts for any suspicious activity. The company also emphasized that they take the privacy and security of their users’ data very seriously and would continue to invest in measures to protect their users’ information.