Now it was LinkedIn’s turn: hackers sell data from 500 million users in a forum

Following the Facebook security scandal, a hacker put up a database of personal and work information from millions of LinkedIn accounts for sale.

April
9, 2021

3 min read

This article was translated from our Spanish edition using AI technologies. Errors may exist due to this process.


Social networks are among the favorite sources of hackers to extract information from Internet users. This time it was LinkedIn’s turn, because in a hacker forum someone is selling a database that would contain personal and work information of 500 million users.

To prove that he is not lying, the anonymous hacker published a “taste” of the leak: four files with data from 2 million LinkedIn accounts. The cybercriminal sells the entire database for a “minimum price of 4 figures”  —  that is, between $1,000 and $9,999.

According to the sample shared by the Cybernews portal, the files reveal information such as LinkedIn ID, full name, professional title, email, phone number, gender, links to other social media profiles and users’ work history.

The LinkedIn leak shared by Cybernews.

The hacker clarified that the data were obtained through a scraping or “scraping.” That is, only the information that appears publicly was obtained, without incurring a violation of LinkedIn security.

However, that information is sufficient to carry out phishing attacks and spam emails and phone numbers. They could also hack into the passwords of LinkedIn profiles from email addresses.

The author of the publication does not indicate when said “scraping” was made, so it is not known if it is recent or old data. The data could also have been collected in different scraping sessions at different times, points out the same outlet.

The good news is that the leak does not include sensitive data, such as passwords, legal documents or banking information, since they only collected public information.

It still is recommended to users as soon as possible c hange the password of your LinkedIn account and enable two – step verification. They should also check their security settings to ensure that any information that they prefer to keep private is not publicly exposed.

Before LinkedIn, it was Facebook

Just days ago, a widespread Facebook breach compromised the personal information of more than 533 million users in 106 countries.

Last weekend, on a hacker forum a user posted full names, Facebook IDs, phone numbers, birthdays, and addresses. A Facebook spokesperson claimed that the information had been retrieved years earlier, in 2019.

Back then, Mark Zuckerberg’s social network fixed the problem, but not before removing millions of phone numbers from its servers. Thus, the leak exposed the personal data of millions of users, leaving them vulnerable to possible threats and attacks from cybercriminals.

Leave a Reply

Your email address will not be published. Required fields are marked *