New LinkedIn data leak exposed details of 92% of users. Professional networking platform LinkedIn has denied reports of a data breach that allegedly compromised the data of more than 700 million users.
“Our teams have investigated a set of alleged LinkedIn data that has been posted for sale. We want to be clear that this is not a data breach and no private LinkedIn member data was exposed,” the company said in a note posted on its website. Our initial investigation has found that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in our April 2021 scraping update.”
The data was obtained by a hacker who exploited the official LinkedIn API. The hacker is currently selling the information online and posted a sample of the data on June 22, containing the information of 1 million users. The leaked user data includes email address, full name, phone numbers, physical address, geolocation, user name, profile URL, gender, social media link and professional experience details.
For now, it doesn’t appear that login credentials or sensitive financial information are part of the leak. However, the data does include inferred salaries, and the obtained information could still pose a threat to users.
RestorePrivacy reports the hacker is on a popular dark web forum attempting to sell a database of 700 million LinkedIn records. The hacker published a free sample of one million records to entice potential buyers.
The team at RestorePrivacy analyzed and cross-checked data from the sample with publicly available data to determine that it is actually authentic. The team also found that much of the data is current. Much of the information was updated on user profiles as recently as 2020 or even 2021.
The hacker tells RestorePrivacy that he exploited the LinkedIn API to harvest data from the site. At the time of writing, the massive trove of LinkedIn records is still up for sale on the forum.