Pune: Personal data of 500 million LinkedIn users, two thirds of its user base, has been scraped and is for sale online, according to a report from Cyber News.
The data up for sale on a popular hacker platform includes account IDs, full names, email addresses, workplace information and links to social media accounts of users hosted on the platform.
“The leaked files appear to only contain LinkedIn profile information—we did not find any deeply sensitive data like credit card details or legal documents in the sample posted by the threat actor. With that said, even an email address can be enough for a competent cybercriminal to cause real damage,” Cyber News said.
There were no estimates of Indian users that were being sold. India has the second largest user base for LinkedIn with 71 million profiles, according to the data platform Statista. US is the largest with 170 million LinkedIn users, it said. It has over 740 million users globally, LinkedIn said on its website.
LinkedIn confirmed that the data was being sold but denied it was a breach.
“We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies. It does include publicly viewable member profile data that appears to have been scraped from LinkedIn,” a spokesperson said for the Microsoft owned company said. “This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.”
The company said it plans to hold the people who scraped the data accountable as it violates its terms of service.
“Any misuse of our members’ data, such as scraping, violates LinkedIn terms of service. When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable,” the person said.
The Microsoft-owned company’s data sale comes weeks after data of Facebook’s users, including its founder Mark Zuckerburg were up on sale on the dark web.
Last week, a cybersecurity expert had flagged a data breach where he said the personal information of 533 million Facebook users including 6.1 million from India had been leaked online and posted for free on hacking forums. The social media company, however, said this was not a fresh issue, but one that it had plugged in 2019.
“All 533,000,000 Facebook records were just leaked for free. This means that if you have a Facebook account, it is extremely likely the phone number used for the account was leaked,” Alon Gal, cofounder and chief technical officer of cybersecurity firm Hudson Rock wrote on the microblogging platform Twitter.
A Facebook spokesperson told ET, “This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019.”
India is among the biggest markets for Facebook and its group companies, WhatsApp and Instagram. According to government data, India has 530 million WhatsApp users, 410 million Facebook users, and 210 million users of Instagram.