Almost daily there is another data breach reported that exposes data for hundreds of thousands or millions of people. This is a troubling trend. One of the most troubling events happened recently as 700 million profiles from the social media network LinkedIn were found for sale on a popular hackers forum. What’s worse is that the company isn’t admitting that it had been breached recently. Let’s take a brief look at this situation and try to unpack what is going on with LinkedIn.
Most people know all about LinkedIn. It is a social media site where professionals can network with other professionals. For all the good the social network tries to do, they’ve also been a major target for hackers. Back in 2012 they had 6.5 million accounts stolen by a Russian hacker and had nearly 100 million email addresses and passwords exposed. A year later there was more controversy as LinkedIn used man-in-the-middle attacks to intercept user emails and move them to LinkedIn servers. Finally, in 2018, after Microsoft’s acquisition of the company, LinkedIn users began to start getting extortion emails from account information that had been for sale on the Dark Web.
On top of those big hacks, LinkedIn has been connected to several other security breaches and failures, including the repeated use of fake LinkedIn accounts to facilitate data theft and unauthorized access to third-party networks.
In April, 500 million LinkedIn user accounts were put up for sale on a popular hacker forum. A new posting was not the result of a data breach. This information was scraped, but still included full names, email addresses, phone numbers, workplace information, and much more. With a user base of about 740 million users, this represented a large amount of the people that use LinkedIn.
If this wasn’t troublesome enough, there have been reports that LinkedIn is removing access to scholars and other active individuals inside China without any explanation by the company. This has some intellectuals and other active users of the platform concerned over the way the company is censoring information to operate in the Chinese market, which is known to suppress the availability of information to their nearly two billion constituents.
Just recently, it was reported that a data breach occurred that allowed hackers to make information available from over 700 million records from LinkedIn, over 92 percent of the user base. LinkedIn, not addressing the fact that most of the personal information they have been tasked with keeping secure is now available for purchase, defiantly put out the following statement:
Scraping, in this context, is short for a method of data harvesting called web scraping, or web harvesting. It is the act of using software to effectively copy material from websites using the website’s code. It is a method hackers use to gain invaluable information from websites without going through the original channels. In the case of many business websites that get scraped and have data stolen, the hackers actually don’t need to do as much as you’d think. Many utilize the relatively open nature of a business’ API (application programming interface), giving them direct access to the data they are looking to take.
We all trust these major corporations to do what they can to keep our sensitive data safe, but as they generally use it to maximize their ability to create revenue, it becomes difficult to trust them to keep your best interest in mind.
Keeping your data safe has become more difficult, and more important, than ever. To learn how we can help your business secure your data, give us a call today at (415) 295-4898.
Mobile? Grab this Article