A massive data breach has reportedly exposed data of 700 Million LinkedIn users, which is more than 92% of the total 756 Million users around the world. The database is for sale on the dark web that includes records including phone numbers, physical addresses, geolocation data, and inferred salaries.
The hacker has posted sample records of 1 million people that confirms that the data is both genuine and up-to-date. According to RestorePrivacy, the hacker has misused the official LinkedIn API to download the data.
On June 22nd, a user of a popular hacker advertised data from 700 Million LinkedIn users for sale. The user of the forum posted up a sample of the data that includes 1 million LinkedIn users. We examined the sample and found it to contain the following information:
LinkedIn username and profile URL
Personal and professional experience/background
Other social media accounts and usernames
Based on our analysis and cross-checking data from the sample with other publicly available information, it appears all data is authentic and tied to real users. Additionally, the data does appear to be up to date, with samples from 2020 to 2021.
We reached out directly to the user who is posting the data up for sale on the hacking forum. He claims the data was obtained by exploiting the LinkedIn API to harvest information that people upload to the site.
There are no passwords included in the list. However, the data is still valuable and can be used for identity theft, convincing phishing attempts, and more.
LinkedIn has not yet acknowledged the issue yet. We will keep you posted for any awaiting news.