The LinkedIn leak: What actually happened? by A. HIRSCHHORN

New articles surfaced last week with the announcement of 700 Million LinkedIn users’ data being for sale on the dark web. The words “data”, “leak”, “breach” as well as other similar terms have been thrown around as well, leaving millions of users wondering “LinkedIn hacked again? Now what?”

I wrote a similar article a few months back, when WhatsApp’s privacy policy update had everyone talking, sending many users running towards alternatives like Telegram or Signal.

What these two topics have in common is that the reader’s attention is immediately drawn to fear. “What will happen with my data? Is this platform still safe for me to use?”

What actually happened?

According to LinkedIn, “this is not a data breach and no private LinkedIn member data was exposed.”

The statement goes on to say that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in their April 2021 scraping update.

In fact, if you are concerned about a data leak or a breach of LinkedIn’s security infrastructure, you are not focusing on the real issue at hand: data scraping.

What is data scraping?

According to Wikipedia, data scraping is a technique where a computer program extracts data from human-readable output coming from another program. It means that this data could also be obtained by a human being, navigating public pages and profiles. For example, name, occupation, employer, email address, things of the sort.

In itself, it doesn’t sound so terrible. Most of us have some part of our profiles publicly visible. LinkedIn IS for networking after all.

The real issue becomes clearer when we start to think about what this represents. For one person, or even a group of people, to start scraping this public data manually would take far too much time to be profitable. A web scraping technique will be used instead, working much more effectively, collecting far more data than a human could, at a much quicker rate.

You now have a hefty amount of data available to a single person or a group of people to use as they please.

On their own, each one of these records only has limited impact. Looking at a database of 700M records, however, it is a different ballgame altogether.

In the context of coordinated and/or automated social engineering, phishing or homographic attacks, this data set would be an invaluable asset.

One could imagine that someone paying for this amount public data will be looking to make their money back, out of your pocket.

**Do I need to take action? What can I do?**

As I mentioned before, this was public data to begin with. If you feel the need to take action, keep in mind there are only two elements in this scenario that are within your control.

Be aware of what you’ve agreed to.

Surely, this is just a reminder. I mean, we’ve all read the LinkedIn User Agreement and the Privacy Policy….right?

Review your LinkedIn Settings & Privacy choices.

But please keep in mind this doesn’t affect the past, only the future. If your data was in those 700M records, it won’t help you this time, but it could help you in the future.

Be extra vigilant for phishing attacks, especially in these next few weeks.

If someone buys this information, they are highly likely to use it. You may want to play very close attention from any odd messages received in the next few weeks. LinkedIn messages, emails, texts, messages via WhatsApp or other messaging apps, etc.

Perhaps this is a good reminder of how much of our personal info we choose to make readily available. I say choose, because it is indeed a choice. Not always a simple or pleasant one, but we all agreed to the Terms & Conditions, so in theory, we already knew this was possible. Or at least, we should have.

Your best line of defense in cases like these is arming with yourself with common sense and being knowledgeable about what information is publicly accessible, and how this information can be used.

Along with some basic security tips when opening messages from unknown sources:

1. Too good to be true: If you are being offered a deal for a product from a known brand, go to the original company site and check if it’s available there as well.

2. Keep a vigilant eye when looking at web addresses: If some of the letters in the URL look unusual, or the website design looks different, rewrite it, copy + paste it or visit the original company URL in a new tab to compare.

3. Better safe than sorry: If you have any doubts or are simply curious, click/tap on the padlock in your browser’s address bar and inspect the HTTPS certificate.

4. Be wary of actions you are asked to take: if a site is pressing you to act quickly or using FOMO, attackers are likely banking on users letting excitement get the best of their common sense.

2021-07-13T13:51:36+00:00

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.