Data of 500m users stolen from LinkedIn for sale onlineBusiness | 8 Apr 2021 10:51 am
A massive trove of LinkedIn account data has been found for sale online, containing 500 million user records including email addresses, phone numbers, links to other social media profiles and professional details, Tech Republic reported, citing CyberNews.
CyberNews researchers say the leak was posted to a forum popular with hackers by a user asking for a "four-digit $$$$ minimum price" for access to the full database of stolen account information.
To prove the legitimacy of the info, the leaker included two million records as a sample that users on the form can view for US$2 worth of forum-specific credits.
CyberNews researchers were able to confirm that the data contained in the sample was legitimate, but added that " it's unclear whether the threat actor is selling up-to-date LinkedIn profiles, or if the data has been taken or aggregated from a previous breach suffered by LinkedIn or other companies."
Included in the leaked data was "a variety of mostly professional information," including LinkedIn IDs, full names, email addresses, phone numbers, user gender, links to LinkedIn profiles, links to other connected social media profiles, professional titles and other work-related data. The leaked data doesn't appear to contain any credit card or other financial details, or legal documents that could be used for fraud.
The lack of financial or identification documentation doesn't mean the leaked data isn't dangerous, though. "Particularly determined attackers can combine information found in the leaked files with other data breaches in order to create detailed profiles of their potential victims. With such information in hand, they can stage much more convincing phishing and social engineering attacks or even commit identity theft against the people whose information has been exposed on the hacker forum," CyberNews said.