Professional networking platform LinkedIn suffered another data breach where data of 700 million users was reported compromised. This was the second data breach reported this year and after the news of the breach made the rounds, the company denied breach.
Details
In a development concerning data privacy, popular professional networking platform LinkedIn was reported to have suffered from a data breach – its second this year – where data of around 700 million users was compromised. The hacker who is responsible for the breach tried to sell the dataset online and to establish credibility, the person also shared a sample data set. In that particular data set, data of about 1 million users are contained.
Also Read: Air India Data Breach: Credit card, passport and personal details of 45 lakh passengers compromised
LinkedIn Data Breach: What really happened?
A report by RestorePrivacy, dated June 27, claimed that a hacker was advertising a dataset that comprised of 700 million LinkedIn users for sale on the forum. In the advertised set, the data included information of 1 million users. Post data examination it was found out that the data set contained information such as a LinkedIn user’s Full name, their gender, their birth year, their birth date, their mobile number, their geolocation records, their profile URL, their professional experience, and the usernames of their other social media accounts.
LinkedIn Data Breach: What did the hacker do?
According to a RestorePrivacy report, the hacker could have accessed the data from the company’s Application Programming Interface (API). API in a nutshell is a programmable intermediary which lets two application share information with each other.
LinkedIn Suffers Second Major Breach in One Year
Earlier this year in April, data from 500 million users was put on online forums to be sold to hackers. The data breach in April came right after social media giant Facebook also faced a similar issue. In the April 2021 LinkedIn breach, the data that was compromise included the users’ IDs, their full names their email addresses, their phone numbers, work-related data and even their professional titles.
LinkedIn Claims no Data Breach After Reports Emerge
Meanwhile, after the company was reported to have suffered from a data breach, it put out an update on its website.
The update read-
“Our teams have investigated a set of alleged LinkedIn data that has been posted for sale. We want to be clear that this is not a data breach and no private LinkedIn member data was exposed. Our initial investigation has found that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in our April 2021 scraping update.”
The update further read-
“Members trust LinkedIn with their data, and any misuse of our members’ data, such as scraping, violates LinkedIn terms of service. When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable.”
Also Read: MobiKwik data breach leaves 99 million phone passwords, addresses and other data vulnerable
Data Breach VS Data Scraping
Data breach is any hacking incident where a hacker gains unauthorized access to data that’s private to the company, the product, or the service. As the name suggests, data breach is an incident where a hacker can breach into a company’s database, steal the sensitive and private data and publishes it.
Data scraping on the other hand is where a script made by a coder downloads all public information of users available on website.