500 Million LinkedIn Accounts Fall Victim To Hacker Data Scraping Campaign
According to a new report, hackers scraped the site's user data and are currently offering the ill-gotten goods up for sale. According to the report, 2 million records have been provided as a proof-of-concept, while the remaining profiles have a comparatively low [and undisclosed] four-digit price tag.
Data obtained from this most recent scraping campaign include users' full names, email addresses, phone numbers, workplace information, social media connections, and account IDs, according to CyberNews. What is unknown is if the information up for sale is from a new LinkedIn leak or if it was obtained from a previous incident.
Like how Facebook responded to its own "data scraping" incident, LinkedIn appears to be downplaying the data leak's severity. "While we're still investigating this issue, the posted dataset appears to include publicly viewable information that was scraped from LinkedIn combined with data aggregated from other websites or companies," explained a LinkedIn spokesperson in a statement to Business Insider. "Scraping our members' data from LinkedIn violates our terms of service and we are constantly working to protect our members and their data."
The data has the potential to be used for attacks not only against the affected LinkedIn users but also their employers through phishing and other social-engineering attacks. What is increasingly problematic is if unsavory parties combine data obtained from the LinkedIn incident with data from other breaches to build highly detailed online profiles of intended targets.