(CTN News) – There has been a data breach of a LinkedIn database, containing the personal information of more than 35 million LinkedIn users, thanks to a hacker operating under the alias USDoD.
In an infamous cybercrime and hacker platform known as Breach Forums, a database of user information was leaked online.
As a matter of fact, USDoD is the same hacker responsible for breaching the FBI’s InfraGard security platform last year and revealing the personal details of 87,000 FBI members as a result of this breach.
A post by the hacker on Breach Forums confirmed that the most recent LinkedIn database had been accessed through the use of web scraping.
There is a process called web scraping, which is an automated process that is utilized by software to extract data from websites, primarily for gathering specific information from web pages.
According to Hackread.com, from their observation of the content of the database, the data consists primarily of publicly available information, such as the full name and profile bio of each user, from LinkedIn profiles. Despite the fact that the leaked database contains millions of email addresses, it is a relief to note that no passwords are included in the leaked information.
It can be seen in the screenshot below that the email addresses included in this breach belonged to high-ranking officials and institutions of the US government.
There have also been a number of email addresses identified from various government agencies around the world as well.
Do LinkedIn Data Have Legitimacy? Is it Genuine or False?
HaveIBeenPwned, a company founded by Troy Hunt, has analyzed over 5 million accounts from the database and has concluded that it contains a mixture of information derived from a number of sources, such as public LinkedIn profiles, fabricated email addresses, and various other sources.
Although some of the data may be anecdotal or partially fabricated, Troy asserts that the people, companies, domains, and a variety of email addresses are all real, regardless of what the data may indicate.
Hunt explained that since HIBP has determined that this corpus contains a significant amount of legitimate data, it has been loaded into the database.
I have flagged the list as a spam list due to the significant number of fabricated email addresses it contains, which will not affect anyone’s paid subscription if they monitor domains.
This is not the first time that LinkedIn’s scraped database has been published online. A threat actor was selling two scraped LinkedIn databases containing 500 million and 827 million records in April 2021.
There was a hacker who sold a scrapped LinkedIn database containing information about 700 million users in June 2021.