|
2nd Colossal LinkedIn Breach in 3 Mths, All Users Affected
Second Colossal LinkedIn Breach in 3 Months, Almost All Users Affected
10 July 2021 by Malwarebytes Labs https://blog.malwarebytes.com/wp-con...k_silhouet.jpg https://blog.malwarebytes.com/wp-con...er-600x558.png The underground seller known as TomLiner is in possession of the 700M LinkedIn records on sale. They’re also classed as a “GOD User”, which could suggest that their name has weigh in the underground market. (Source: Privacy Shark) LinkedIn has reportedly been breached—again—following reports of a massive sale of information scraped from 500M LinkedIn user profiles in the underground in May. According to Privacy Shark, the VPN company who first reported on this incident, a seller called TomLiner showed them he was in possession of 700 million Linkedin user records. That means almost all (92 percent) of LinkedIn’s users are affected by this. RestorePrivacy, an information site about privacy, examined the proof the seller put out and found the following information, scraped from LinkedIn user profiles: Email addresses Full names Phone numbers Physical addresses Geolocation records LinkedIn username and profile URL Personal and professional experience/background Genders Other social media account usernames Note that account credentials and banking details don’t appear to be part of the proof. This suggests that the data was scraped rather than breached. Scraping happens when somebody uses a computer program to pull public data from a website, using the website in a way it wasn’t intended to be used. Each individual request or visit is similar to a real user visiting a web page, but the sum total of all the visits leaves the scraper with an enormous database of information. How was the seller able to scrape hundreds of millions of records? According to RestorePrivacy, the seller abused LinkedIn’s API, a similar tactic to the one used in the almost-as-enormous April LinkedIn “breach”, and the huge Facebook “breach” in the same month. https://blog.malwarebytes.com/wp-con...pi-600x251.jpg The seller confirmed that they abused LinkedIn’s API to scrape data. And sells them for $5,000 USD. (Source: RestorePrivacy) In a statement, Privacy Shark garnered from Leonna Spilman, who spoke on behalf of LinkedIn, the company claims there is really no breach: “While we’re still investigating this issue, our initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources. This was not a LinkedIn data breach and our investigation has determined that no private LinkedIn member data was exposed. Scraping data from LinkedIn is a violation of our Terms of Service and we are constantly working to ensure our members’ privacy is protected.” Spilman’s statement echoes the one LinkedIn released after the April “leak” blow out: “We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies. It does include publicly viewable member profile data that appears to have been scraped from LinkedIn. This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.” https://blog.malwarebytes.com/wp-con...pe-600x328.png A redacted shot from a small bit of the “proof-of-breach” sample given by the underground seller. (Source: RestorePrivacy) |
| All times are GMT. The time now is 15:59. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.
SEO by vBSEO 3.5.2