According to a report by PrivacySharks, the personal information of 700 million LinkedIn users would be for sale on the dark web , including data on salaries of the interested parties. This would leave 92% of service users at risk phishing , identity theft and other illegal activities possible thanks to the acquired data. The company's reply was not long in coming:
While we're still investigating the matter, our initial analysis indicates that the data in question includes information gleaned from LinkedIn and third parties. This was not a LinkedIn data breach and our investigation determined that no LinkedIn members' private data was exposed. Scraping data from LinkedIn is a violation of our Terms of Service and we are constantly working to ensure the protection of the privacy of our members.
There would therefore have been no real data breach, but one scraping , to the detriment not only of LinkedIn itself, thanks to which the information in question would have been reconstructed , which therefore may not be exact / complete. The information reported would be the following:
- Name
- Telephone number
- Address
- Location information
- LinkedIn username and profile URL
- Personal and professional experience / background
- Gender
- Accounts and usernames of other social media
The data have been verified and analyzed by RestorePrivacy, and based on their investigations the information would be authentic and updated (2020-2021).
The perpetrator of the theft claimed to have obtained this data by exploiting a bug in an official LinkedIn API . According to what the company said, there would have been no violation and therefore the data would not be complete and confidential, but obtained from public sources through scraping .
However, it is not the first time this year that LinkedIn is at the center of such a story, which is certainly not good publicity for the company, nor a comfort for its users. We will therefore keep you updated on the evolution of this last issue.
