It's LinkedIn's 500 MILLION users, after Facebook...

-

After the massive Facebook Data Leak, here is another data leak, this time we have LinkedIn.


A report by CyberNews, an archive containing data of about 500 million LinkedIn users has been scraped and put on sale on popular hacker forum. 

Source: CyberNews


Another 2 million records are leaked as a sample proof that make certain the possession of real data.

The user’s data contained:

  • LinkedIn IDs
  • Full names
  • Email addresses
  • Phone numbers
  • Gender
  • Links to LinkedIn profiles
  • Links to other social media profiles
  • Workplace information
  • Job Titles, and might be something more…

The sample data can be viewed for about $2 worth of forum credits, and the threat actor appears to be selling the much-larger 500 million users database for the price in 4-digit sum ($$$$), in bitcoin.


Leaked Sample (Source: CyberNews)


Possible Outcomes?

  • Users whose data is leaked might face some phishing attacks which are specifically targeted and could trick them into the fraud.
  • The email-ids & phone numbers may be flooded with spams, containing malware.
  • Attacker may try to brute-force or may use the targeted wordlist to crack the account password.
  • Users may receive an unwanted person’s follow request, message to connect, or any other message that is providing immediate benefit to them.

 
What to DO?

  • Make a strong password and change your current account password immediately.
  • Enable 2 Factor Authentication.
  • Do not accept the follow/connect request of every person. Check thoroughly before you do.
  • Inform your peers and colleagues not to respond to any claim made from your account directly. Firstly, cross confirm it with a secured way of communication. As we don’t know whose data is leaked and whose account is being compromised.
  • Change password of your email account as well.
  • Beware of the spam and phishing mails received on personal and work mail.


Also Read:  How to make a strong Password?

 
If your data is SAFE?

  • As a precaution, every user must possibly remove their work email, personal email and phone number from the account.
  • Do not disclose your complete workplace information.
  • Remove all certificate credentials and if possible, minimize the amount of details shared in forms of projects, certifications, accomplishments, etc. That helps hacker to identify your skills and create a targeted attack.


Finally, make use of your VIGILANCE and do not fall in trap of frauds.


REMAIN VIGILANT, REMAIN SECURE

Comments

Post a Comment