500 million Linkedin profiles for sale on the dark web

Share

08 April 2021A mine of information available to the highest bidder.

This is the alarm launched by Cyber ​​News according to which an archive with the data of 500 million LinkedIn profiles including e-mails, telephone numbers, links to other social profiles and professional details would be on sale on the dark web.

A new front a few days after the news of the personal data of over 500 million Facebook users stolen in 2019 and reappeared online.

LinkedIn user credentials could be used for further online attacks and scams.

According to Cyber ​​News, it is unclear whether the cybercriminals "are selling updated profiles or if the data was taken from a previous breach by LinkedIn or other companies."

Around 600 million users are registered on LinkedIn worldwide.

As Cyber ​​News explains, to prove the legitimacy of the information, the vendor would allow you to download two million data as a sample, at a price of only $ 2, while for access to the complete database of stolen information, payment of approximately $ 1,800 is required .

As it happened for Facebook, also for LinkedIn it is the so-called "scraping", ie an extraction of data from a website by means of a software and therefore not a 'data breach', ie a violation of the platforms conducted with a cyber- attack.   

For experts, the first thing to do is to change the profile login passwords and all the passwords of the email accounts associated with LinkedIn profiles and be wary of LinkedIn messages and connection requests from unknown people.

Cyber ​​News also has a tool called 'personal data leak checker', in which by entering your email you can understand if you have been compromised.

investigation The Guarantor for the protection of personal data has initiated an investigation against Linkedin following the violation of the social network systems that led to the dissemination of user data, including IDs, full names, email addresses , telephone numbers, links to other Linkedin profiles and to those of other social media, professional titles and other work information entered in their profiles by users.

At the same time, the Authority adopted a provision with which it warns anyone who has come into possession of personal data deriving from the violation that their possible use is in contrast with the legislation on the protection of personal data, since such information is the result of unlawful processing.

The use of these data, the Guarantor reminds us, involves consequences, also of a sanctioning nature. Also taking into account the fact that Italy is one of the European countries with the highest number of subscribers to the platform, the Authority also recalls all users affected by the violation to the need to pay particular attention to any anomalies related to their telephone number and account in the coming weeks.

In fact, these data could be used for a series of illegal conduct, ranging from unwanted calls and messages to serious threats such as online scams or identity theft or phenomena such as the so-called "SIM swapping", a technique used to violate certain types of online services that use the mobile number as an authentication system.