The LinkedIn Data Breaches: What to Do and Who Was Affected

LinkedIn has been subjected to several breaches in the previous year of 2021.

The first data scraping took place in April 2021, right after the news of the Facebook Breach was making rounds all over the internet. The data scraped came from 500 million LinkedIn profiles.

The hacker put the data for sale on a hidden underground forum. Besides the 500 million, another 2 million records were also leaked by the same actor.

The second data scraping activity took place on June 22. The data was collected from the accounts of 700 million users, and a sample of 1 million records was also posted on Radio Forums, a well-known hacking forum. The sample released held data for the year 2020-2021.

This collection was also making rounds all over Telegram in the form of torrent files. These 700 million users make up about 92% of LinkedIn users, which is quite a considerable percentage.

An Inside Look at the Breach of LinkedIn

The first data breach incident included the threat actor having access to the user’s LinkedIn IDs, email addresses, phone numbers, full names, genders, links to other social media profiles, LinkedIn profile URLs, professional titles, and other work-related information.

The data scraping on June 22, 2021, was done by a seller going by the name of TomLiner who was a “God User” on an underground market. They claimed to have held possession of 700 million records and went on to publish some in order to prove their claims.

The actor further stated that the data was accessed through LinkedIn’s Application Programming Interface (API). This was the same method that was used previously in the April breach.

The data was made up of Full Names of the users, LinkedIn IDs, job history, email addresses, phone numbers, LinkedIn profile URLs, etc. Confidential location information was also breached in the second attack. All of this personal data could be easily used to assume someone’s identity.

All of this information, including the location information, salaries, and personal phone numbers, were also put up for sale on the dark web for only $5,000.

What’s There to Worry About?

In both breaches, the data that was accessed was information already present on the internet. However, the information scraped like a person’s email address and real-life name could be enough to dig out more information about them.

This could be used against many high-profile executives working for LinkedIn or against those that are operating in sensitive areas like financial or security industries.

With such personal information available on the internet for purchase, the affected users could experience identity theft or other spam activities.

Moreover, email and telephone scams could be used to lure users into giving out personal financial information about themselves, or they could be tricked into transferring large amounts of money. The leaks didn’t contain the email address of every user making the scraping of data less valuable to an extent.

Suppose you find yourself on the other side, with your credentials scraped by the hackers. In that case, it is recommended to make a swift change to your passwords for your email address, LinkedIn account, other online accounts, and set up two-factor authentication to help you be less vulnerable to any future breaches.

It is always better to use encrypted email addresses, password managers, and antivirus software. Taking all these steps will make you less prone to any harmful attacks.

What did LinkedIn Have to Say?

When the year’s first breach took place, LinkedIn was defensive about the whole scenario. It said that the data was not a LinkedIn data breach, and there is no evidence that the private information of LinkedIn users has been leaked.

At the time of the second breach, LinkedIn drafted out a statement stating “the data that was posted online for sale didn’t contain information from LinkedIn accounts only.

The data was accumulated from a set of websites/companies”. Furthermore it stated, “when any breach or data scraping occurs that puts out users’ personal information at risk, we work quickly and effectively to stop these threat actors and make sure they are held accountable”.

The Final Verdict

It is no lie that anyone could have accessed the data sold on underground forums, and it’s wrong to put all the blame on LinkedIn.

The information scraped from LinkedIn was always up for public viewing; hence, the company cannot control it.

Nonetheless, the data breaches of Facebook, T-Mobile, and Instagram indicate that such hacking cases are more common than ever, and it’s time that LinkedIn also needs to strengthen its security services.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.