The news that the data of 700 million users of the business social network LinkedIn are now publicly available has already spread all over the Internet. A hacker put the stolen database for sale for $5,000.
What kind of data leaked?
- Email addresses
- Full names
- Phone numbers
- Physical addresses
- Geolocation records
- LinkedIn username and profile URL
- Personal and professional experience/biography
- Gender
- Other social media accounts and usernames
As we can see from the open-source, there are no login credentials or financial data here. RestorePrivacy experts contacted the cybercriminal and found that the data was obtained by exploiting the LinkedIn API to harvest information that people upload to the site. All the data is authentic, up-to-date, and linked to real users.
What are the consequences?
The leaked database is a tidbit for cybercriminals as it can be used for further attacks:
- identity theft
- phishing attempts
- social engineering attacks
- hacked accounts
LinkedIn’s position
“While we’re still investigating this issue, our initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources. This was not a LinkedIn data breach, and our investigation has determined that no private LinkedIn member data was exposed”.
