Highlights:
- 500M user accounts on LinkedIn are breached.
- LinkedIn breach came in after Facebook breach of 533M accounts happened.
- LinkedIn will alert the compromised accounts where Facebook has no such plans.
Introduction:
We are still reeling from the news of personal information from Facebook of 533 million accounts that face a compromise. The data has been available online for free.
But there is another big batch of people’s data floating around the internet. This includes data from LinkedIn which is a Microsoft’s social network. LinkedIn is popular as a social media platform for professionals where the professionals can connect with each other.
The potential scope of the leak is huge. An individual selling the data on a hacker forum claims that the compromise scrapes data from 500 million LinkedIn profiles.
About the data breach on LinkedIn:
In a sample of 2 million of the profiles for sale LinkedIn members’ full names, email address, phone numbers, genders and other information was visible. However according to LinkedIn the data includes information from various locations and wasn’t all scraped from the professional focused social network.
Scraping is a method that extracts the data from a website by using an automatic software or a snippet of code.
Statement from LinkedIn:
“We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies,” reads Linkedin’s statement.
The company also claims that there was no private member account data inclusion from LinkedIn. Perhaps this means that the scraped data only includes information that you are able to see on someone’s LinkedIn public profile. LinkedIn insists that this was not a LinkedIn data breach.
This would technically stand true If the data was scraped rather than collected by a hacker that penetrated LinkedIn’s system, what doesn’t do much for users whose data is sold on the internet.
LinkedIn has yet to tell us whether it will notify the users about data was in the data set. On the other hand Facebook doesn’t plan to inform users if they are people with compromise of the data.
LinkedIn Data Breach in Italy:
Italy’s privacy watchdog has begun an investigation into the compromised accounts on LinkedIn. In a statement the Italian authorities said that it has begun an investigation following the dissemination of user data that included ID, full name, email address, and phone numbers.
The regulator says that Italy has one of the highest numbers of subscribers on LinkedIn in Europe. They called the affected users to pay specific attention to any anomalies that may relate to phone numbers and their LinkedIn account.
The Italian move came in after Ireland’s privacy authority says that it was digging into a data leak. They had run research over the weekend of the personal data of over half a billion Facebook users. The Irish data protection Commission contacted LinkedIn and is waiting for answers to a number of questions.