KATHMANDU: Personal data of 500 million LinkedIn users, two thirds of its user base, has been scraped and is for sale online, according to a report from Cyber News.
The data up for sale on a popular hacker platform includes account IDs, full names, email addresses, workplace information and links to social media accounts of users hosted on the platform.
“The leaked files appear to only contain LinkedIn profile information—we did not find any deeply sensitive data like credit card details or legal documents in the sample posted by the threat actor. With that said, even an email address can be enough for a competent cybercriminal to cause real damage,” Cyber News said.
There were no estimates of Indian users that were being sold. India has the second largest user base for LinkedIn with 71 million profiles, according to the data platform Statista. US is the largest with 170 million LinkedIn users, it said. It has over 740 million users globally, LinkedIn said on its website.
LinkedIn confirmed that the data was being sold but denied it was a breach.
“We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies. It does include publicly viewable member profile data that appears to have been scraped from LinkedIn,” a spokesperson said for the Microsoft owned company said. “This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.”
“The leaked files appear to only contain LinkedIn profile information—we did not find any deeply sensitive data like credit card details or legal documents in the sample posted by the threat actor. With that said, even an email address can be enough for a competent cybercriminal to cause real damage,” Cyber News said.
“We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies. It does include publicly viewable member profile data that appears to have been scraped from LinkedIn,” a spokesperson said for the Microsoft owned company said. “This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.”
The company said it plans to hold the people who scraped the data accountable as it violates its terms of service. EconomicTimes