LinkedIn 500 Million Users Being Sold Online

Scraped data of nearly half a billion LinkedIn users is being sold online, with two million records being published as proof

Concerns are being raised about scraped data of 500 million LinkedIn users being available for sale online on the dark web.

According to Cybernews, an archive containing data purportedly scraped from 500 million LinkedIn profiles was put for sale on a popular hacker forum, with another 2 million records leaked as a proof-of-concept sample by the post author.

The discovery comes days after 533 million Facebook users’ personal data was leaked online. The leaked data surfaced last weekend, after it was published in a freely available, searchable format on a hacking forum.

That Facebook data dump is believed to originate from an issue that occurred in early 2019, which Facebook said it fixed in August of that year.

LinkedIn data

Cybernews reported the four leaked files contain information about the LinkedIn users whose data has been allegedly scraped by the threat actor.

The data is said to include full names, email addresses, phone numbers, workplace information, and more.

Concerned users can check the personal data leak checker from Cybernews to check to see if their data has been compromised.

Read also : Microsoft Singled Out In Review Of Chinese Hack Of US Government Emails

Users of the hacker forum can reportedly view the leaked samples for about $2 worth of forum credits.

The threat actor is apparently auctioning the much-larger 500 million user database for at least a 4-digit sum, presumably in bitcoin, Cybernews reported.

The author of the post claims that the data was scraped from LinkedIn, and that has been confirmed by an investigation by Cybernews.

It seems to be mostly public-facing data, and not really sensitive data.

Previous breaches

However, it’s unclear whether the threat actor is selling up-to-date LinkedIn profiles, or if the data has been taken or aggregated from a previous breach suffered by LinkedIn or other companies.

LinkedIn has been approached for confirmation, but no response has been forthcoming.

It should be remembered that LinkedIn has experienced security breaches in the past, for example in 2012 and in 2016.

Read also : New Zealand Joins US, UK, Netherlands Alleging Chinese Cyber Espionage