Just two months after LinkedIn was the subject of a government probe after data on 500 million of its users was scraped and published online, a new posting with 700 million LinkedIn records has appeared.
Discovered by analysts from Privacy Sharks, the records were put up for sale on popular hacker forum RaidForums by a hacker known as “GOD User TomLiner.” Posted on June 22, the seller stated that it was in possession of 700 million user records and included a sample of 1 million records as evidence.
Privacy Sharks assessed the free sample and discovered that the records include full names, gender, email addresses, phone numbers and industry information.
It is unclear as to where the data originated from, however in a statement LinkedIn reported that “this was not a LinkedIn data breach and our investigation has determined that no private LinkedIn member data was exposed.” The social network is still investigating but added ”initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources.”
“This time around, we cannot be sure whether or not the records are a cumulation of data from previous breaches and public profiles, or whether the information is from private accounts,” according to Privacy Shark’s blog post, published Monday. “We employ a strict policy of not supporting sellers of stolen data and, therefore, have not purchased the leaked list to verify all of the records.”
Although credit-card data, private message contents and other sensitive information has not been compromised, there are still serious security implications.
With users’ email addresses and phone numbers made available, individuals could become the target of spam campaigns and/or victims of identity theft.
Missed PrivSec Global’s livestream experience? No problem, simply click here to access the sessions on demand.