The personal information of 500 million LinkedIn users, is being marketed in hacking forums, with the person responsible for leaking the database demanding a number of thousands of dollars for release.
As proof of what you have in hand, the information of two million people has been released free into space and serves as a sample of the complete volume.
The leak includes data such as full names, e-mail addresses, phone numbers, gender, social network identification numbers, and information about the workplace, professional titles, and other information related to users’ professional lives.
There are also links to profiles on other social networks, according to what each registered in their own account.
Sensitive data, however, was not found in the middle of the leaked volume, which does not appear to contain passwords for accessing LinkedIn or the financial information of users of paid plans on the platform.
Documents, private conversations, and other sensitive information are also not part of the volume, which slightly reduces the severity of the leak, but does not make it harmless.
The veracity of the information was confirmed by the experts at Cybernews, also responsible for bringing the leak to the public. According to the researchers, although much of the leaked data is available on the social network itself, for all users of it, its compilation in a database of this type can lead to the practice of scams against those affected, especially attempts of social engineering that use such information to increase the appearance of legitimacy, especially in intrusion attempts against the internal systems of the companies that are part of the breach.
In addition, other fears raised by experts involve the mass sending of spam to registered phones and e-mails, which could lead to the installation of malware or to obtain more personal data through phishing messages and fraudulent websites.
There is also a risk that the information present here will be combined with other leaks that include passwords, allowing brute force attacks on users’ profiles on social networks, email platforms, and other restricted services.
LinkedIn, however, did not confirm the leak.