Remember that LinkedIn breach that put 700 million user records at risk? That number has now risen to a billion records that include the personal information of LinkedIn users.
The hacker, whoever they are, is having quite a field day. They have just updated their personal data trove with email addresses and passwords on top of other scraped personal information from LinkedIn users.
In reporting the new finding, PrivacySharks said it reached out to LinkedIn for verification. The firm received this official statement from Leonna Spilman, a corporate communications manager at LinkedIn:
“While we’re still investigating this issue, our initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources. This was not a LinkedIn data breach, and our investigation has determined that no private LinkedIn member data was exposed. Scraping data from LinkedIn is a violation of our Terms of Service, and we are constantly working to ensure our members’ privacy is protected.”
A review of what’s been hacked
PrivacySharks said its investigation turned up evidence that the files now contain the following 14 pieces of personal data:
Names (first and last)
Email and password combinations
Given that the person behind the update is the same one linked to the original breach, most of the data is probably the same as what was exposed previously.
What should LinkedIn members do?
Putting personal information on a site like LinkedIn was problematic for many users before details of this breach were publicized. One ConsumerAffairs reviewer named Lisa summed up her thoughts quite nicely.
“I personally do not like the idea of posting a resume for everyone to see when there are so many safety issues and Internet hackers out there,” she said.
If all that’s been reported is accurate, then LinkedIn users are up against a high wall when it comes to protecting their personal data -- and the platform has to be nervous about the potential fallout.
“From a consumer's point of view, I think the fact that this is the third LinkedIn data leak in a few months will be extremely unsettling for users,” Madeleine Hodson, Chief Editor at PrivacySharks told ConsumerAffairs. “Since passwords have been included in this recent leak (although not yet confirmed to be from LinkedIn accounts) it will cause concern and lead users to question the strength of LinkedIn's security measures.”