Two databases of information about LinkedIn users are being sold on a popular cybercriminal forum on the shallow Internet. Together, the databases gather information of more than 1 billion (1327000000) of platform users.
One of the databases that offers data from 827 million users are being sold for $ 7,000. Already to know the value of the other, 500 million, you need to contact the advertiser.
The “leak” is yet another case of data scraping where no sensitive data (such as passwords, bank information and documents) has been exposed. This is the third data scrape that The Hack is covering today (12), after Facebook 533 million and the 1.3 million from the Clubhouse.
According to Hack Read, which analyzed the database sample of 827 million, although no compromising data was exposed, it is possible to carry out phishing scams and SIM swaping, identity scams and SMSishing with the scraped data.
The bank analyzed by HackRead is offering full name, position and company, e-mail; company website, curriculum information, location and phone number of users. The other, of 500 million, was analyzed by Cybernews and offers data such as full name, e-mail, gender, telephone, job and company information, as well as links to other social networks.
All data collected is public and available to anyone on LinkedIn. The only difference is that this is a massive compilation of that data. It is important to remember that no LinkedIn server was compromised in the process of compiling the data.
In a statement, LinkedIn informs that data scraping is an act that violates the privacy and data policy of the social network and who is investigating the case.
“We investigated an alleged LinkedIn data set that was posted for sale and determined that, in fact, is an aggregation of data from various websites and companies. It includes profile data for publicly visible members that appear to have been taken from LinkedIn. This was not a data breach on LinkedIn, and no LinkedIn private member account data has been included in what we have been able to review. Any misuse of our members’ data, such as scraping, violates LinkedIn’s terms of service“, writes the company.