700 million LinkedIn user records offered in underground forum

[German]At the beginning of April 2021, 500 million user records of LinkedIn users were offered for sale in an underground forum (see Data leak: 500 million LinkedIn user data for sale in underground forum). Now a new data leak has been revealed, as 700 million LinkedIn user records were again offered for sale in an underground forum in mid-June 2021. As it looks, the LinkedIn user data was accessed via the API of the Microsoft-operated social network, which is used by many users for professional purposes.

Many users trust LinkedIn with all sorts of private data, hoping that this information is safe there. All I can say is: keep your hands off LinkedIn, the social network that now belongs to Microsoft. I myself have never been registered with LinkedIn, but my email address has already been stolen in a hack (the address was in the LinkedIn master data record due to a company takeover). In 2021, there have now already been two incidents in which third parties have abused LinkedIn, the professional networking platform, to collect large amounts of user data.

LinkedID Leak, Source: Restore Privacy

Restore Privacy reports here  on a find in an underground forum. On June 22, a user of a popular hacker forum offered data of 700 million LinkedIn users for sale. The price is as low as $5,000 US. The forum user posted a sample of the data, which includes 1 million LinkedIn users. the editors of Restore Privacy examined the sample and found that it contained the following information:

Email addresses
Full names
Phone numbers
Physical addresses
Geolocation records
LinkedIn username and profile URL
Personal and professional experience/background
Gender
Other social media accounts and usernames

The user claims that the complete database contains the personal information of 700 million LinkedIn users. Since LinkedIn has 756 million users according to its website, this would mean that 92% of all LinkedIn users can be found in these records. After analyzing and matching the data from the sample with other publicly available information, it appears that all of the data is authentic and associated with real users. In addition, the data appears to be current, with samples from 2020 to 2021.

Restore Privacy spoke directly with the provider of the data and asked how they obtained the data. The vendor claims that the data was obtained by exploiting the LinkedIn API to collect information that people upload to the site. The implications are far-reaching, ranging from identity theft to phishing attacks to social engineering attacks and more.

LinkedIn is still investigating the incident, but assumes that the indication that the data was pulled via the API is accurate. The episode once again shows the dangers of social networks and it's not particularly wise to put specific personal data there.