Apparently the personal data of more than 700 million LinkedIn users – which represents 92% of the total of 756 million accounts created in the social network owned by Microsoft since 2016 – have been exposed and are in a database of data for sale on the Dark Web.

Data leak affects 92% of LinkedIn users

Among the information that makes up this database is both the LinkedIn name and username as well as much more sensitive data such as user’s phone number, address physical, geolocation data and even information about your salary or usernames and passwords of other social platforms.

The cybercriminal who obtained the information has published “openly” the data of one million users to demonstrate the content of the database you have for sale. It has been possible to confirm that the information is genuine and that it is updated by comparing the published data with the public information of these users on LinkedIn.

What have not been published are account passwords, although this is not a problem so that all the information included in the database is of high value and can be used by cybercriminals for, for example, similar to being LinkedIn with phishing techniques and trick users into giving them their passwords easily.

According to RestorePrivacy, it appears that the cybercriminal used the official LinkedIn API inappropriately to download the data, using a method similar to the one already used in April in another massive information “leak” in which the data of 500 million users was compromised from LinkedIn.

The company has confirmed to PrivacyShark that the information has been obtained not by a security breach or a leak, but has been collected using scrapping techniques, that is, by programming robots to store all the public information that exists on the social network .

UPGRADE: LinkedIn, in statements to TreceBits, ensures that the data does not come from the API of the social network. “LinkedIn does not have an API that can return all this data. Based on our current research, we have confirmed through sample analysis that various data fields such as phone number, gender, salary and address do not come from LinkedIn, “they say.

