According to a report from CyberNews, data from 500 million LinkedIn users has been scraped and is for sale online. IDs, names, email addresses and more personal details are part of the massive database of stolen data, which could be used to launch additional attacks on LinkedIn and its users. A LinkedIn spokesperson confirmed to Insider that there is a dataset of public information that was scraped from the platform. The leak was displayed on a platform prevalent with hackers by a user asking for a “four-digit minimum price”, potentially in the form of bitcoin for access to the full database of stolen account information. Stressing on the authenticity of the information, the leaker included two million records as a sample that users on the form can view for $2 worth of forum-specific credits. LinkedIn administrators confirmed that data from the platform was included in the database and, like Facebook officials before said, it was not due to a breach of its system but instead was scraped from the LinkedIn site.
Advice from the Administrators of LinkedIn suggest that users should take precautions to protect their accounts and personal data by:
- Changing LinkedIn account passwords and email account passwords associated with LinkedIn profiles.
- Creating a strong, random, unique password and storing it in a password manager that can autofill logins.
- Enabling two-factor authentication (2FA) on LinkedIn accounts and any other account that offers 2FA.
- Being wary of LinkedIn messages and connection requests from unknown people.
- Learning to identify phishing emails and text messages.
- Never opening links to websites from an email, and instead of navigating to a site manually and logging in there.
- Installing strong anti-phishing and anti-malware software.
Read more: Reported by CyberNews researchers.