LinkedIn personal Information Incident overview
A few weeks earlier, there was an incident where hackers deleted Facebook user information from their social media platforms. A few moments later, a similar case took place on LinkedIn. Cybercriminals intercepted the personal data of more than 500 million users for their use in yet another incident. Later, the hackers discovered an archive containing the users’ LinkedIn IDs, email addresses, full names, personal data, and PII.
According to a CyberNews article published on Tuesday, April 6th, this was the case. Last week, more than 533 million Facebook users had their data scraped off by hackers.
According to the paper, the data seized also included LinkedIn users’ social media profiles. The hackers went on to prove the validity of their attack by releasing another 2 million user records.
Moreover, users can also display the samples for $2 worth of credits. The hackers acted by auctioning off the crown jewels. The assessment shows that they are of the 500 million users for Bitcoin’s equivalent value. However, Candid Wuest, Vice President of Cyber-Protection Analysis, claims that the data does not contain any passwords or credit card information. This, therefore, means that they would sell for a meager price.
Confirmation of LinkedIn from the Data-Scrapping incident
Soon after the attack, officials from LinkedIn announced that criminals had intercepted data from their network. However, it reports indicating that it resulted from crapping rather than a data system violation. LinkedIn said in a weekly statement that it is investigating the suspected LinkedIn data posting. So far, it is clear that it was an aggregation of data from many websites and companies.
Scraping is a popular method used by cybercriminals to steal personal information from the internet. They use the tactic to resell data for profit and use the information for other malicious purposes. Scraped data works by engineering identity theft attacks, phishing attacks, and stealing victims’ personal information, among other nefarious activities.
While echoing the previous Facebook incident, the LinkedIn officials state that it will remain vigilant to any data misuse. Also, the officials will investigate expediently in case of an attack.
Data and Information Violation
It’s uncertain if the General Data Protection Regulation (GDPR) will bring proceedings against LinkedIn for data breaches. GDPR is a regulation that went into effect in May 2018 intending to protect personal data by establishing guidelines for businesses and organizations to handle it. According to the law, companies must also report data breaches within a certain amount of time or face penalties.
CyberNews now has online software that allows people to check if there is any compromise on data. CyberNews, therefore, advises that users must be careful before opening emails and messages from unknown senders.
Wuest further quelled phishing attacks’ claims by stating that it is uncommon for criminals to use such data for extortion and phishing attacks. Instead, the hackers may target job seekers on a platform like LinkedIn by offering them false job offers and later infecting them with Trojans. Golden Chickens group is behind the LinkedIn personalized phishing attacks.