LinkedIn Breach Reportedly Exposes Data of 92% of Users, Including Inferred Salaries

According to researchers, a new posting with 700 million LinkedIn records has appeared on a popular hacker forum.

Analysts from Privacy Sharks stumbled across the data put up for sale on RaidForums by a hacker calling himself "GOD User TomLiner." The advertisement, posted June 22, claims that the cache contains 700 million records and includes a sample of 1 million records as "proof."

The database is for sale on the dark web, with records including phone numbers, physical addresses, geolocation data, and salaries.

Analyst Comments:
Data from breaches like these can be used in social engineering attacks that target individuals or companies with fake job offers or hiring opportunities, or for extortion. In the past, we've observed breaches like these leveraged to deliver personalized phishing emails containing attachments delivering remote access trojans.

"It is currently unclear what the origin of the data is, but the scraping of public profiles is likely. Attackers used profile scraping to grab 500 million LinkedIn records that went up for sale in April. The leak contained an aggregation of data from several websites and companies as well as publicly viewable member profile data. There are 200 million more records available in the collection this time around, so it's probable that new data has been scraped and that it's more than a rebuild of the previous group of records."

Users should secure their LinkedIn accounts by updating passwords and enabling two-factor authentication. Companies have reported that social media breaches like these continue to be a security concern and discussion topic amongst cyber-security peers within their organizations. Information contained in these leaks, as mentioned above, can be leveraged relatively easily to carry out attacks against infrastructure.