500 Million LinkedIn Accounts Leaked on the Dark Web
Days after 533 Facebook user’ records were found online, news broke that over 500 million LinkedIn user profiles were discovered on the Dark Web. The hackers shared two million of these LinkedIn records for only $2 total to prove the legitimacy of the information in the stolen data. The business and employment-oriented online networking platform is used by professionals all over the world. The LinkedIn account users’ data was scraped or imported from the website into a database, and includes names, LinkedIn account IDs, email addresses, phone numbers, gender, LinkedIn profile links, connected social media profile links, professional titles, and other work-related personal data.
Impact of Exposed Professional and Personal Information from Social Media Leaks
The full database containing the variety of personal and professional information was accessible for a “four-digit $$$$ minimum price” and the two million leaked samples can be viewed for as low as $2 for the entire database. That’s a small price to pay for the amount cyberthieves may gain through identity fraud, including synthetic identity theft which can escalate to unemployment fraud. In the hands of cybercriminals, this information can also be used to commit phishing and vishing schemes, credential stuffing. Worst yet, an account takeover attack on a professional platform like LinkedIn can cause serious damage to your reputation.
There are over 55 million businesses showcasing their services and job openings on LinkedIn. Employees’ personal accounts are used to manage these business profiles, adding additional security risk from this data exposure. Using Personally Identifiable Information (PII) and social engineering tactics to log into employee’s accounts, hackers gain entry into business social accounts – resulting in harm to companies’ reputation and loss in consumer trust.
Tips to Use Today to Protect Your Social Accounts
- Watch out for suspicious links. Be careful not to click on suspicious links, open attached files or install malicious apps even if they appear to come from a friend or a company you know. This includes links on LinkedIn, in private messages and in emails.
- Create a strong password. Make sure you create strong passwords for your social media accounts and make them unique. If a hacker cracks one of your passwords, they can easily hack into other accounts, including financial accounts.
- Turn on two-factor authentication. By activating this LinkedIn security setting you are further protected from account takeover attacks.
Big Breaches are Happening – A New Approach to Mitigate Impact
Millions of consumer records are being exposed and it’s tricky to understand the severity of each data breach and its associated risks. Sontiq’s new breach intelligence capability, BreachIQ, provides personalized, recommended actions if you discover you’ve been affected by a security incident.