Experts Reaction On Linkedin Breach Reportedly Exposes Data Of 92% Of Users

BACKGROUND:

As reported by 9to5mac, a second massive LinkedIn breach reportedly exposes the data of 700M users, which is more than 92% of the total 756M users.

“The database is for sale on the dark web, with records including phone numbers, physical addresses, geolocation data, and inferred salaries. The hacker who obtained the data has posted a sample of 1M records, and checks confirm that the data is both genuine and up-to-date …

No passwords are included, but as the site notes, this is still valuable data that can be used for identity theft and convincing-looking phishing attempts that can themselves be used to obtain login credentials for LinkedIn and other sites. With the previous breach, LinkedIn did confirm that the 500M records included data obtained from its servers, but claimed that more than one source was used. The hacker appears to have misused the official LinkedIn API to download the data, the same method used in a similar breach back in April”.

Experts Comments

July 01, 2021
Uriel Maimon
Senior Director of Emerging Technologies
PerimeterX

It’s important to remember that when sensitive information leaks, it doesn’t affect just the website that leaked it. The users can be affected for years to come in completely unexpected ways.

For example, private information can be used to create synthetic identities that are then used to generate fraudulent credit card or loan applications which inevitably affects the original users but also the financial institution. Our recent PerimeterX Automated Fraud Benchmark Report found that ATO and credential stuffing are two of the most damaging types of automated attacks faced by businesses today, which affect the original website whose brand and image will inevitably suffer and whose reporting obligations and liability may be very costly.

July 01, 2021
Alex Balan
Director, Security Research
Bitdefender

Your phone number, e-mail address, social security number, home address are information we are constantly sharing with an increasing number of people, social media networks, and organizations. It’s only a matter of time before this information is exposed to cybercriminals if it isn’t already.

The most basic and imperative action is to know when that happens. Be mindful of your constantly growing (and never shrinking) online dossier/file. Every bit of relevant information about you can, and most likely is, added to a file with your name on it to be later sold to advertisers or used by cybercriminals for identity theft, phishing, malware campaigns, and other illegal activities.

I urge everyone to seek out and understand what the internet ‘knows’ about them to take better control of their online privacy and personal data.

While social media companies continue to improve at preventing scraping bots and other information-gathering tools, it’s our job as informed consumers to be aware of the information we expose publicly and how it can be used by cybercriminals in a worst-case scenario.

July 01, 2021
Jack Chapman
VP of Threat Intelligence
Egress

It's concerning to see another huge data dump making LinkedIn users' information easily available to hackers - particularly because it sets the stage for further attacks. The data of these 700 million LinkedIn users may be used to create highly convincing spear-phishing attacks which utilise the attackers’ newfound knowledge of the users and their organisations. As phishing is the most common entry point for ransomware, organisations should urge their employees to remain vigilant for follow-up attacks. While many organisations have sophisticated firewalls to protect them, attackers are still able to target their biggest vulnerability – their people.

This case, following a similar one involving Facebook last year, also highlights the importance of caution when it comes to sharing your data publicly on social media – in doing so, you could be arming attackers with useful information that they can use against you in the future.

July 01, 2021
Benoit Grangé
Chief Technology Evangelist
OneSpan

This breach is an unfortunate reminder of how vulnerable our personal data is online and that consumers must take action over their digital identity by taking extreme caution when dealing with any unsolicited communication that they receive and ensure that they have multi-factor authentication enabled wherever possible. That way, when identity leaks like this inevitably happen, consumers can be certain that they remain safe online. There is a lot of really sensitive information in this breach that fraudsters will look to exploit by targeting individuals with uniquely tailored phishing attacks to gain access to accounts or trick unwitting consumers to transfer money. No trusted organization would ever ask someone to part with money or their sensitive information via email, SMS, or phone.

On the other hand, banks need to have tools in place to prevent fraudsters from committing application fraud using information like this to set up new accounts in the victim's name. By using the latest identity verification technologies such as AI and biometrics in their onboarding processes, financial institutions will be able to quickly and remotely verify whether an applicant is in fact who they say they are or not.

June 30, 2021
Tim Mackey
Principal Security Strategist, Synopsys CyRC (Cybersecurity Research Center)
Synopsys

From a user’s perspective, there is no difference between a data breach where company servers were hacked and someone misusing an API to obtain their data. Data loss is data loss, and attackers will find the simplest way to obtain the data they need to fund their operations. As successful attacks on infrastructure become more difficult to execute, attackers will naturally shift their focus to abusing legitimate access methods like APIs provided by businesses to access data. Where legitimate users care about terms of service, criminals won’t. This is an important detail for anyone exposing an API on the internet – it’s only a matter of time before your APIs are discovered and abused. So the key question then becomes – how quickly can you detect abnormal usage and take corrective action? The more powerful your API, the more attractive it will be to criminals.

June 30, 2021
Mark Rodbert
Founder and CEO
Idax

LinkedIn urgently need to look at how their APIs are used. A function designed to retrieve information about one person can have a negative impact when used to fetch a million records. Modern analytics and big data have changed the way we view information; in the old days I was happy for my phone number and address to be in a telephone directory when it was a paper book and hard to get at, but now that everything is instantly available across the globe, I’m much less happy.
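Both Tim Mackey's question (how quickly can you detect abnormal API usage?) and Mark Rodbert's point (a one-person lookup called a million times) come down to the same detection problem. The following is an added illustration, not code from the article or from LinkedIn: it scans constructed access-log lines for a hypothetical `/profiles/{id}` endpoint and flags API keys that enumerate more distinct profile ids in a sliding window than a legitimate client plausibly would.

```python
"""Flag API keys that bulk-enumerate a per-record lookup endpoint.

Each log line is one call to a hypothetical /profiles/{id} endpoint.
A legitimate client looks up a handful of profiles; a scraper walks
through many distinct ids in a short window. Thresholds are assumptions.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (timestamp, api_key, method, path); not real data.
SAMPLE_LOG = """\
2021-06-30T10:00:00Z key_A GET /profiles/1001
2021-06-30T10:00:03Z key_A GET /profiles/1002
2021-06-30T10:00:05Z key_B GET /profiles/2231
2021-06-30T10:00:06Z key_A GET /profiles/1003
2021-06-30T10:00:07Z key_A GET /profiles/1004
2021-06-30T10:00:09Z key_A GET /profiles/1005
2021-06-30T10:00:11Z key_A GET /profiles/1006
2021-06-30T10:07:00Z key_B GET /profiles/2231
2021-06-30T10:08:00Z key_C GET /profiles/3100
"""


def parse_line(line):
    """Split one log line into (timestamp, api_key, profile_id)."""
    ts, key, _method, path = line.split()
    profile_id = path.rsplit("/", 1)[1]
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), key, profile_id


def flag_enumerators(log_text, window=timedelta(minutes=5), max_distinct=5):
    """Return {api_key: peak distinct ids seen in any window} for keys over the limit."""
    events = defaultdict(list)  # api_key -> [(ts, profile_id), ...]
    for line in log_text.splitlines():
        ts, key, pid = parse_line(line)
        events[key].append((ts, pid))
    flagged = {}
    for key, calls in events.items():
        calls.sort()  # oldest first so the window can slide forward
        peak, start = 0, 0
        for end in range(len(calls)):
            # advance the window start until the span fits within `window`
            while calls[end][0] - calls[start][0] > window:
                start += 1
            distinct = len({pid for _, pid in calls[start:end + 1]})
            peak = max(peak, distinct)
        if peak > max_distinct:
            flagged[key] = peak
    return flagged
```

Counting distinct ids rather than raw requests is the point: repeated lookups of the same record (key_B above) are normal, whereas a steady walk through new ids is the scraping signature, regardless of whether each individual call is within the terms of service.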

June 30, 2021
Jim Gogolinski
Vice President of Threat Intel and Research
iboss

While LinkedIn may not have been the victim of a data breach, this development proves that motivated attackers are still capable of gleaning and leveraging publicly-available information that can have broad implications on consumers. This is a stark reminder of the amount of information that cybercriminals have at their disposal to carry out dangerous and hard to spot phishing and credential stuffing attacks. It should also serve as a warning to users to remain diligent in their use of passwords, including changing passwords regularly and not reusing them across multiple sites, as well as always using multi-factor authentication whenever possible.

June 30, 2021
Jake Moore
Cybersecurity Specialist
ESET

Cybercriminals use tools to scrape open platforms such as social media in order to link it with other compromised data. Although this method is not a typical data breach, the impact can still be the same. This data may have been public but the tools used made it easy for it to be collected in one simple move and collated in one location - and even sold on the dark web.

Malicious actors can do a lot of damage with a large list containing personal information. The big risk is identity theft, but follow-up phishing emails are also inevitable for those affected.

Together with previous and even recent high-profile breaches, many people's passwords are also readily available on the dark web, so it quickly and simply becomes a series of joining the dots. This risk is then increased due to the fact that many people use the same passwords across multiple accounts.
