600 million LinkedIn members scraped: data offered up for sale on hacker forum

600 million LinkedIn members scraped: data offered up for sale on hacker forum

by

LinkedIn has more than 600 million members, and those who are serious about their careers have accounts on the social networking site. But that’s not all they have—more than 150 million of them have had their data scraped and offered up on an underground hacker forum where it can be bought and sold to anyone willing to pay enough money. Here’s how these 615 million records were accessed and what you can do to protect yourself from having your information stolen in this way.

How it happened

In May, a hacker posted the names, email addresses, and phone numbers of more than 500 million LinkedIn members on a popular hacking forum. The data was offered for sale, and it’s likely that many people paid for it. This is a serious breach of security, and it’s unclear how the hacker obtained the data. LinkedIn has confirmed that the data is real, and they’re working to secure their systems. This is a reminder that no online service is 100% secure, and you should be careful about what information you share online.

 What we know

We know that a database of 600 million LinkedIn members was recently posted for sale on a popular hacker forum. The data includes names, email addresses, phone numbers, and more. We also know that this is not the first time LinkedIn has been hacked; in 2012, 6.5 million user passwords were leaked.

However, it is unclear how the hackers obtained this most recent batch of data. One theory is that the hackers may have gained access to another company’s servers through which they could have gleaned information about LinkedIn users, since many people use the same password across various sites.

Another theory is that the hackers may have used an SQL injection technique to extract data from LinkedIn’s website. If this were true, it would mean they either breached one of their own servers or found a vulnerability in their website software and exploited it to steal private data.

 The biggest victims

LinkedIn has over 600 million members, making it a prime target for hackers. And that’s exactly what happened recently, with a massive data breach resulting in the personal information of millions of users being exposed. The information was obtained by hacking into unprotected accounts and then traded online on a Russian website.

While not as damaging as other recent breaches (remember Equifax?), this one could still pose some significant threats to those affected. For example, a user’s password could be changed without their knowledge and they may not even realize they’re victims until much later when their account is used to access other services or transfer money.

In addition, passwords are also typically stored encrypted but easy passwords may have been compromised and so people should be sure to update them if they’re using any of the words from the list released by the hackers.

Also, many of these same passwords can be found in dictionaries and word lists which will make them easier to guess. With more hacks happening every day it’s important to remember that each individual must take responsibility for safeguarding their own identity through strong passwords and two-factor authentication.

Why this matters

This news is concerning for a few reasons.

Firstly, it affects a lot of people – 600 million is a huge number.

Secondly, the data that has been leaked is sensitive and could be used for identity theft or other malicious purposes.

Thirdly, this breach highlights the importance of data security and how companies need to do more to protect their users’ information.

Fourthly, it’s not just large companies that are at risk of data breaches – any organization can be targeted.

Fifthly, these sorts of breaches can have a negative impact on people’s trust in the affected company. Sixthly, they can also lead to financial losses for the company concerned.

 Lessons to learn

  1. Keep your online presence secure by using strong passwords and enabling two-factor authentication.
  2. Be cautious about what information you share online, as it could be used against you.
  3. Be aware of the signs of a data breach, so you can take steps to protect yourself if it happens.
  4. Hackers are always looking for new ways to gain access to sensitive information.
  5. Data breaches can have a major impact on individuals and businesses alike.
  6. It’s important to have a plan in place in case of a data breach.
  7. Taking steps to prevent a data breach from happening in the first place is the best way to protect yourself and your business. Here are some tips on how to do that:
  8. Change your password often – ideally every 90 days.
  9. Use different passwords for different sites, especially those that contain financial or other sensitive information.
  10. Turn on two-factor authentication where available; this will require an additional passcode (typically generated by an app) before granting access to an account.
  11. Use common sense when sharing personal or company data online – don’t overshare!
  12. Make sure all devices with internet connections are protected with security software and antivirus programs; these programs help guard against malware that can steal login credentials or other personal information while a device is connected to the internet (even if it doesn’t have an active web browser).

 Moving forward

This is a huge security breach, and it’s important to be aware of what information is out there about you. If you have a LinkedIn account, you should change your password and be extra vigilant about the kinds of information you share. The company says that the passwords were hashed and salted with bcrypt encryption, so even if someone gets ahold of your password they would not be able to get access to your actual account without this key.

There are many more social media sites and personal email providers that people use every day which put their users at risk in a similar way. It’s always important to take precautions when storing sensitive information online like changing your password frequently, or using two-factor authentication when possible. With major breaches happening constantly, all companies need to do better.

A six paragraph continuation would read as follows:

It’s always important to take precautions when storing sensitive information online like changing your password frequently, or using two-factor authentication when possible. With major breaches happening constantly, all companies need to do better. For example, Facebook was hacked last year and lost control over 50 million accounts. The hackers used automated scripts to scrape user profiles from the site then sold them off on the dark web.

For those who weren’t hacked but still want to remain safe, an easy step is to disable third party apps on Facebook – anything less than 100% trustworthy can become another vector for hackers. And while everyone deserves privacy when posting content online, it’s also important not to post something you wouldn’t want shared publicly, since once it’s out there, no one can take it back or prevent others from sharing that same content.

Leave a Comment