Linkedin Database

Data of over 700M LinkedIn users was posted on a hacker forum for sale last week but again a 68MB of JSON database containing LinkedIn data recently collected from 88,000 US business owners was shared on a popular hacker forum.

Targeting Owners whose Job position is Changed in 90 days

It is seen according to the Poster that the target is made on the US business owners who have “changed job positions in past 90 days.” According to the report by Cybernews.

The database includes:

  • Full names
  • Email addresses
  • Workplace information
  • Data that points the owners publicly listed on their LinkedIn profiles

We do not see any misuse of this information yet, however, there is always a threat against US business owners whom the threat actors might see as being more affluent and potentially vulnerable to phishing and ransomware attacks.

LinkedIn does not seem to own up scraping incidents like data breaches in its posts. The company said about the recent 700 million profile scrape.

“Our teams have investigated a set of alleged LinkedIn data that has been posted for sale. We want to be clear that this is not a data breach and no private LinkedIn member data was exposed,” 

“Our initial investigation has found that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in our April 2021 scraping update,” reads the LinkedIn statement.

What was shared by the threat actor?

As mentioned earlier, it is shown that professional information from LinkedIn profiles of 88,000 US business owners is leaked, such as:

  • LinkedIn summaries
  • Contact information
  • Full names
  • Email addresses
  • Locations
  • Professional titles and other work-related data

An example of scraped data:

Are you affected by this attack?

If you believe that your LinkedIn profile data might have been shared by the threat actor, please:

  • Remove your email address from your public LinkedIn profile to avoid it being scraped by a malicious third party in the future.
  • Beware of suspicious LinkedIn messages and connection requests from strangers.
  • Change the password of your LinkedIn and email accounts. 
  • Consider using a password manager to create strong passwords and store them securely.
  • Enable two-factor authentication (2FA) on all your online accounts.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.