The data includes names, email addresses and personal details. The database appears to be built similar to the leak at Facebook via ‘scraping’.
After the database of more than 500 million Facebook users that appeared online this weekend, one was also found with 500 million LinkedIn users. The CyberNews site reports this. Warnings for the users in question are, therefore, similar: beware of phishing attacks.
This involves many data from LinkedIn accounts, including email addresses, phone numbers, links to other social media and – typically LinkedIn – professional data. There would be no credit card information or other more administrative and financial data.
The file was found on a hacker’s forum, where it has been put up for sale. The providers say it contains data from 500 million users. As a ‘sample’, the group behind it has leaked 2 million of this data. The origin of the data is not entirely clear. It could be a new leak with recent profiles or data compiled from previous leaks. Last year, for example, another plug-in was released that sells phone numbers of LinkedIn users.
The providers do say that it concerns scraped data. Instead of hacking into a server, the attackers use the service’s built-in (very insecure) tools to collect and collate information. That’s also how the leaked Facebook data file is put together.
Incidentally, a file like this poses roughly the same dangers as that previously leaked data from Facebook. A scammer can use the phone number and details in such a profile to gain access to other accounts through phishing or attempt to steal money or other information through social engineering. The more information a scammer has to work with, the more likely they are to convince their lie.
It’s a good idea to change your LinkedIn password and your email address and preferably set up two-step verification right away. And if someone calls with a career proposal that sounds too good to be true, it might be.