linkedin-data-breach-700-million

Update: we’ve updated the story to include the official LinkedIn statement

PrivacySharks reached out to Linkedin who had this to say:

“While we’re still investigating this issue, our initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources. This was not a LinkedIn data breach and our investigation has determined that no private LinkedIn member data was exposed. Scraping data from LinkedIn is a violation of our Terms of Service and we are constantly working to ensure our members’ privacy is protected.”

Back in April, we reported that over 500 million LinkedIn users’ information was shared on a hacker forum. Today, LinkedIn was found to have been breached once again, back on June 22. This time, more than 700 million users’ information was exposed online by another hacker and put up for sale.

On June 22nd, a popular hacker advertised data from 700 million LinkedIn users for sale, reported by RestorePrivacy (originally reported by PrivacySharks). The hacker has posted a sample of the data of 1 million users, upon a closer investigation, RestorePrivacy found that the following information was exposed from users:

  • Email Addresses
  • Full names
  • Phone numbers
  • Physical addresses
  • Geolocation records
  • LinkedIn username and profile URL
  • Personal and professional experience/background
  • Genders
  • Other social media accounts and usernames

The hacker claims that the stolen database contains personal information of 700 million LinkedIn users. LinkedIn has 756 million users, according to its most up-to-date webpage, which means that 93% of its users can be found in this breach. This is one of the biggest breaches, especially when we include the extra 500 million user information from April.

LinkedIn-data-sample-breach
Sample data (Image Credit: RestorePrivacy)

RestorePrivacy has also examined a sample of the data and showed us what kind of information is in it. Some of the data is censored to try and prevent any further damage. The company reports that the stolen data is authentic and is indeed coming from real users, and it also appears to be up to date from 2020 to 2021, which makes things even worse. It’s unknown at this time whether user passwords and financial information were leaked as the sample doesn’t contain any, there is a possibility.

When reached out to the hacker to ask how the data was collected, he claimed that the data was obtained by an exploit to the LinkedIn API. LinkedIn has not yet commented on the stolen user information and we couldn’t find any formal announcement regarding the breach.

More coverage over at PrivacySharks




Roland is a technology enthusiast and software engineer based in United Kingdom. He is also a content creator and writer, and is best known under the name “Techusiast”.

You May Also Like
hbo max
HBO Max is coming to Europe next month
Only to six countries, for now.
Apple delays CSAM feature roll-out to make improvements and listen to feedback
It seems that Apple will keep on working to improve its CSAM feature before making it rollout to its devices
WhatsApp
WhatsApp fined nearly $270 million for violating EU’s privacy rules
Not a good day for Facebook.