Right after Facebook’s data leak incident that affected 533 million people, another data dump has surfaced online. This time, the data of 500 million LinkedIn users appeared on the dark web for sale. It turns out the result of another web scraping activity.
500 Million LinkedIn Users Data Leaked
Recently, CyberNews has reported about a huge data dump that they found on the dark web. As revealed through their post, the researchers discovered an archive of LinkedIn data with details of 500 million users.
The data appeared on a popular hacker forum where the author put it up for sale for a “4 digit” amount in dollars. (The exact price isn’t precisely known yet.)
As per the details, the data dump includes the PII data of the users. Specifically, it includes users’ LinkedIn IDs, names, addresses, email addresses, gender, phone numbers, and work-related details. Also, the data includes the exact links of the users’ LinkedIn profiles as well as those of other social media profiles.
Although, the leaked information does not include any sensitive details such as credit card numbers. Yet, the extensive personal information of the users available online poses a threat of phishing attacks, spamming, impersonation, or identity theft.
To back its claim, the seller of the data also leaked 2 million records as evidence.
Alongside this data dump, another seller, on the same hacker forum, put up a separate offer. That new seller claimed to have 327 million additional records in addition to the previous archive of 500 million.
It means that a total of 827 million records of LinkedIn users are now available on the dark web.
Though, given the total LinkedIn user base of 740+ million, these archives will likely include numerous duplications. Still, it will likely have a treasure trove of unique data too.
In response to this incident, LinkedIn clarified through their statement that the leaked data has originated from web scraping.
We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies. It does include publicly viewable member profile data that appears to have been scraped from LinkedIn.
Also, the platform confirmed that the data dump only included publicly viewable information. Whereas, the private LinkedIn profiles remained unaffected.
This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.
For now, this data dump isn’t available on HaveIBeenPwned. However, LinkedIn users may check their profiles for appearance in this data via the CyberNews data leak checker tool.