500 million LinkedIn data is on sale, but it doesn't come from a leak

Facebook's recent bulk data leak, which for a few days was installed as a topic that turned on alerts from many Internet users, is not the only such problem that can be found on the web today.

Also, a LinkedIn user database is on sale on the network, according to a recent report.

The information was initially disclosed by the CyberNewsportal, noting that based on samples of two million, which would allegedly constitute a part of the profiles for sale, they were able to verify that among the compromised information can be the full names of LinkedIn members and their respective email addresses, phone numbers, genders, links to social media profiles, plus other personal data.

For published email addresses, the report reported that only 780,000 accounts are affected by this leak.

LinkedIn reacted, noting that the leak did not exist as such

Through a statement officially released through its press center, the Microsoft professional social network noted that this data comes from many different sources and that it was not extracted directly from one of its databases.

LinkedIn's official statement speculates that, given the nature of the published information, it could have been articulated from public sources of information, such as those same data displayed in the profiles.

In addition to explaining the case, the company also sought to give peace of mind, noting that any misuse of its users' data, such as its extraction and leakage violates LinkedIn's terms of service. "When someone tries to take member data and use it for purposes that LinkedIn and our members have not accepted, we work to stop and hold them accountable," they commented in their statements.

The consequences began in Italy

Despite the clarification shared by LinkedIn, the first consequences of this episode have already been activated. In Italy, the country's privacy surveillance body, began an investigation into this network of professional contacts, according to a Bloomberg report.

Depending on the port at which this survey arrives, the agency could initiate legal action and seek compensation, as permitted by the GDPR, a regulation allowing national authorities in Europe to push fines to companies that commit these infringements, up to 4% of their annual sales.

Outside of the particularities of each similar case, given the uncertainty that such a situation may generate, it is advisable to take immediate action, as this opens up the possibility of exposing yourself to scams, spam, or brute force attacks to reset passwords.

An instant resource to clarify doubts is the Have I Been Pwnedportal, which allows you to review by simply pointing out your email. If you're affected, you'll be notified of which data leaks you've been a part of. If you want to change your password, we have a guide that provides practical advice.

Post a Comment