Data of 500m LinkedIn users put up for sale on the Dark Web

Data of 500m LinkedIn users put up for sale on the Dark Web

Data of 500m LinkedIn users put up for sale on the Dark Web

If the leak of the personal information of 533 million Facebook users on a dark web forum wasn’t enough, detailed personal and professional information associated with 500 million LinkedIn profiles has been put up for sale on a popular dark web forum as well.

According to CyberNews, the massive chunk of LinkedIn profile information was allegedly scraped by hackers from LinkedIn itself and is stored in four files that have been put up for sale on a dark web forum for an undisclosed amount. To demonstrate that the data is genuine, hackers have leaked 2 million records as a proof-of-concept sample.

The compromised personal information includes users’ full names, email addresses, phone numbers, gender, links to LinkedIn profiles, LinkedIn IDs, links to other social media profiles, and professional titles and other work-related data. The massive data repository can enable opportunistic hackers to create detailed profiles of Internet users and carry out identity theft or targeted social engineering attacks.

“Particularly determined attackers can combine information found in the leaked files with other data breaches in order to create detailed profiles of their potential victims. With such information in hand, they can stage much more convincing phishing and social engineering attacks or even commit identity theft against the people whose information has been exposed on the hacker forum,” CyberNews said.

LinkedIn is yet to respond to the massive leak of user records, but this is the second time in a decade that the company has suffered a large-scale leak of user data records. The previous attack took place in 2012 when Yevgeniy Alexandrovich Nikulin, a Russian hacker, stole login information, including encrypted passwords, of over 117 million LinkedIn users.

After infiltrating the computer of a LinkedIn employee, Nikulin installed malware into the hijacked machine, and used the employee’s stolen credentials to log in to LinkedIn’s corporate VPN. Once inside LinkedIn’s corporate network, Nikulin stole a database containing the login information, including encrypted passwords, of over 117 million LinkedIn users. He used a similar tactic to steal the login credentials of over 68 million Dropbox users as well as the credentials of an unknown number of Formspring users.

The LinkedIn data breach also compromised ‘private log-in details of 1,000 British MPs and parliamentary staff, 7,000 police employees, and more than 1,000 Foreign Office officials’ in the UK. In October last year, Nikulin was sentenced to 88 months in prison in the U.S., two years after he was arrested while traveling in the Czech Republic.

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”” /]