In a matter of days after a big leak of Facebook data becoming news, it was LinkedIn's turn to become the target of the same scam. Files from the social network, supposedly with data from 500 million users, are being traded on the internet. The information was released on Tuesday (6) by the portal CyberNews.
In total, four files were leaked with information about registered profiles on LinkedIn. Data that may have been obtained by scammers include:
- LinkedIn IDs
- Full names
- Email address
- Phone numbers
- Links to LinkedIn profiles
- Links to other social media profiles
- Professional titles and other data related to users' work
To prove that the attack was successful, cybercriminals even released two million records as a sample. Access to the samples is being sold on the web for $ 2 in credits at a hacker forum. In the meantime, the main perpetrator of the threat indicates that he is willing to auction the entire database for an amount of at least four digits.
It remains unclear whether the threat agent is selling up-to-date information, or whether the data was obtained from a previous breach suffered by the social network.
- Data leak exposes Mark Zuckerberg's profile on WhatsApp's main rival
- Facebook is notified by Procon-SP for possible leakage of data from more than 8 million Brazilians
- How do I keep my data safe after Facebook leaks?
The leaked data can be used against LinkedIn users to execute attacks phishing, spamming e até brute force attacks, which consists of an attempt to crack a password or username using a trial and error approach.
The “good news” is that the files obtained do not include any sensitive data, such as credit card details or legal documents. Still, it is worth mentioning that other cybercriminals can combine this information with other data breaches, creating more detailed profiles about their victims to carry out social engineering attacks or even commit identity theft.
If you suspect that your profile may be compromised, one of the recommendations is to be extra careful with messages and connection requests from strangers on LinkedIn. Another tip to avoid problems is to change the password for your account on the social network and the email registered in your profile. Enabling two-factor authentication for all your internet accounts is also a good practice.