BENGALURU: Personal data of about 500 million LinkedIn users have been scraped and put online for sale, according to a report. This accounts for about two-thirds of the professional networking company’s user base.
Data — which includes a user’s name, emails, phone number, workplace information, and links to social media accounts hosted on the platform — have been exposed, according to Cyber News, which first reported on the breach.
This comes days after data of Facebook’s users was up for sale on the dark web.
LinkedIn said data has been scraped but denied it was a breach. “We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies. It does include publicly viewable member profile data that appears to have been scraped from LinkedIn. This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review,” the company said in a statement.
“Any misuse of our members’ data, such as scraping, violates LinkedIn terms of service. When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable,” the company said.
The report added that the leaked files contained only LinkedIn profile information and not more sensitive information like credit details or legal documents in the sample posted by the hacker. “While users on the hacker forum can view the leaked samples for about $2 worth of forum credits, the threat actor appears to be auctioning the much-larger 500 million user database for at least a 4-digit sum, presumably in bitcoin,” the report cautioned.