wordpress blog stats
Connect with us

Hi, what are you looking for?

Data of 700 million LinkedIn users up for sale on dark web: Report

The breach closely follows other instances of massive data leaks from firms like Dominos, Mobikwik, and Big Basket. 

Data belonging to 700 million people were put on sale on the dark web by a hacker who claimed to have obtained them from professional networking site LinkedIn’s application programming interface (API), according to a report by RestorePrivacy.

The hacker had posted online, with 1 million users’ data as a sample, asking for a 4-figure US dollar sum (which can range from Rs 75,000 to Rs 7.5 lakh) to be deposited into an escrow account for the entire data.

LinkedIn has since denied any breach of private data, saying that it is a part of publicly viewable member profile data. In a statement posted on its website, LinkedIn said, “Our initial investigation has found that this data was scraped from LinkedIn and other various websites, and includes the same data reported earlier this year in our April 2021 scraping update.”

Data of 500 million users were exposed in April when a hacker posted them up for sale on the dark web in exchange for bitcoins. The Microsoft-owned company has 756 million users worldwide and thus, the latest breach could potentially impact 92 percent of its users.

Advertisement. Scroll to continue reading.

A sample data set of 1 million users was posted which upon examination, by 9to5Mac, included-

  • Email Addresses
  • Full names
  • Phone numbers
  • Physical addresses
  • Geolocation records
  • LinkedIn username and profile URL
  • Personal and professional experience/background
  • Genders
  • Other social media accounts and usernames

Concerns about increased vulnerability

Prasad T, Chief Information Security Officer at InstaSafe a cybersecurity firm, said that the breach appears to be an API end-point exploitation. “Although the data is illegal to use, it is highly in demand as in countries like the US, such (data) is in-demand for marketing purposes. However, should bad players get access to the data, it can lead to identity theft through more breaches,” Prasad told MediaNama.

The absence of stringent government policies on cybersecurity requirements makes these attacks more likely. According to Prasad, regular access points and API evaluation itself can prevent many of these breaches from happening. “Governments need to see that the best engineers work for companies like LinkedIn, Google, Apple, etc. If they can get hacked then it is necessary that governments put in place some cybersecurity requirements,” Prasad added.

Other data breaches

The breach comes on the heels of massive data leaks from firms like Dominos, Mobikwik, and BigBasket which included passwords, Aadhaar card details, addresses, etc. Following this, many cybersecurity experts had raised concerns over MeitY (Ministry of Electronics and Information Technology) and CERT-In’s (Indian Computer Emergency Response Team) inaction over these leaks.

According to disclosures made in Parliament by CERT-In, 26,121 Indian websites were hacked in 2020, including 59 government ones. Further, there was a 196 percent rise in cybersecurity incidents from 3,94,499 in 2019 to 11,58,208 in 2020.

While BigBasket and Mobikwik denied claims of a data breach, the Reserve Bank of India instructed Mobikwik to ensure a third-party audit of its systems by a team from a CERT-In empanelled auditor.

Meanwhile, Dominos approached the Delhi High Court to direct the Ministry of Electronics and Information Technology (MeitY) and Delhi Police to take down links to the leaked data.

Advertisement. Scroll to continue reading.

Also Read

Written By

I cover health and education technology for MediaNama. Reach me at anushka@medianama.com

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.

News

The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.

News

In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...

News

By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...

News

By Stella Joseph, Prakhil Mishra, and Yash Desai The Government of India circulated proposed amendments to the Consumer Protection (E-Commerce) Rules, 2020 (“E-Commerce Rules”) which...

You May Also Like

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ