Update, June 29 (3:45 p.m. ET): LinkedIn says this was not a breach, no private data exposed
What you need to know
- LinkedIn reportedly suffered a massive data leak.
- A hacker is selling the information of over 700 million LinkedIn accounts.
- Back in April, LinkedIn suffered a similar leak exposing more than 500 million accounts.
LinkedIn has reportedly suffered a massive data leak, exposing the data of more than 700 million of its users, or roughly 92% of its user-base. The leak was first reported by Restore Privacy.
The data was obtained by a hacker who exploited the official LinkedIn API. The hacker is currently selling the information online and posted a sample of the data on June 22, containing the information of 1 million users. The leaked user data includes the following information:
- Email Addresses
- Full names
- Phone numbers
- Physical addresses
- Geolocation records
- LinkedIn username and profile URL
- Personal and professional experience/background
- Other social media accounts and usernames
For now, it doesn't appear that login credentials or sensitive financial information are part of the leak. However, the data does include inferred salaries, and the obtained information could still pose a threat to users.
According to Restore Privacy, the information is accurate and up-to-date as of 2020 and 2021 and can put LinkedIn users at risk of identity theft. "Additionally, bad actors can use the available data, particularly usernames, emails, and personal information, to gain access to other accounts."
This isn't the first leak that LinkedIn has suffered this year. In April, the social networking platform suffered a similar data leak affected 500 million accounts. However, according to LinkedIn, the information was an "aggregation of data from a number of websites and companies" and only included publicly viewable user information from the site.
Facebook also dealt with a major leak this year from a breach that occurred in 2019.
Update, June 29 (3:45 p.m. ET) ― LinkedIn says no private data was exposed
LinkedIn has given a statement regarding the recent leak. Similar to the previous leak back in April, the company says that the data being sold "was scraped from LinkedIn and other various websites" and that it "includes the same data reported earlier this year."
Our teams have investigated a set of alleged LinkedIn data that has been posted for sale. We want to be clear that this is not a data breach and no private LinkedIn member data was exposed.