BACKGROUND:
As reported by 9to5mac a second massive Linkedin breach reportedly exposes the data of 700M users, which is more than 92% of the total 756M users.
“The database is for sale on the dark web, with records including phone numbers, physical addresses, geolocation data, and inferred salaries. The hacker who obtained the data has posted a sample of 1M records, and checks confirm that the data is both genuine and up-to-date …
No passwords are included, but as the site notes, this is still valuable data that can be used for identity theft and convincing-looking phishing attempts that can themselves be used to obtain login credentials for LinkedIn and other sites. With the previous breach, LinkedIn did confirm that the 500M records included data obtained from its servers, but claimed that more than one source was used. Hacker appears to have misused the official LinkedIn API to download the data, the same method used in a similar breach back in April”.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.