Widespread Credential Exposure is the Fallout of the Massive Linkedin Data Breach

Your Data Was Probably Exposed

LinkedIn suffered another monster data breach that came to light this week. Earlier this week, the data of 700M LinkedIn users appeared on a popular dark web forum. That number is more than 92% of LinkedIn’s estimated total of 756M users – and a boatload of exposed data.

 

If You’re a LinkedIn User, Your Data Was Probably Exposed

In the original post, first reported by Privacy Sharks, the hacker with the goods posted a sample as proof of the hack that contained about 1 million records. Experts and researchers in multiple security organizations have confirmed that the data was genuine. To add insult to injury, Restore Privacy reports that this hack appears to have been carried out by exploiting the same vulnerability that hackers used to scrape 500 million user accounts just three months ago in April 2021.  

This hack is huge for another reason. This scrape isn’t just a quick scoop up of average, basic user data. This treasure trove for cybercriminals contains a plethora of sensitive and personally identifiable information that can be used to facilitate all manner of cybercrime from spear phishing to business email compromise scams or identity theft. It’s a danger to both workers and businesses. Experts are warning LinkedIn users that after studying the sample provided by the hacker, they’ve determined that extensive personally-identifying information (PII) may have been exposed in this incident including: 

  • Email Addresses 
  • Full names 
  • Phone numbers 
  • Physical addresses 
  • Inferred salaries 
  • Geolocation records 
  • LinkedIn username and profile URL 
  • Personal and professional experience/background 
  • Genders 
  • Other social media accounts and usernames 

So What Should You Do?

The sequence of steps that your company will take in the event of a cyberattack or data breach should be delineated in your incident response plan, right down to who is going to handle the publicity and how they’re going to do that. Put the powerful solutions in the ID Agent digital risk protection platform to work for you to sensibly and affordably protect your organization from today’s biggest cybercrime threats.  Contact one of our solutions experts today.

Comments are closed.