LinkedIn has published a blog post denying the reports of a data breach involving 500 million LinkedIn users.
A couple of days back, Cybernews published a report noting that a hacker is selling personal information of over 500 million LinkedIn users. The hacker claimed that the data was scraped from LinkedIn and had uploaded two million records as a proof-of-concept. According to Cybernews, the leaked data included full names, email addresses, phone numbers, workplace information, and more. Furthermore, users on the hacking forum could view the database for $2 worth of forum credits and the hacker was also auctioning off the whole database for at least a 4-digit sum of money. Cybernews's independent investigation team was able to confirm that the database was genuine but noted that it could be an old dataset from an earlier breach.
Following the reports, LinkedIn published a blog post denying the data breach. The company said that that the dataset posted online was "an aggregation of data from a number of websites and companies". LinkedIn, however, noted that some of the leaked data was scraped from "publicly viewable member profile data" on LinkedIn. Lastly, the company said that misuse of data "such as scraping, violates LinkedIn terms of service. When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable."
While LinkedIn has denied the claims of data breach, Bloomberg has reported that the Italian watchdog has opened a probe into the matter. The authority told Bloomberg that Italy has the highest number of LinkedIn users in Europe and called the affected users to “pay particular attention to any anomalies” related to their phone number and email IDs. The move comes just days after Ireland's watchdog opened an investigation against Facebook after a database of over 530 million Facebook users was dumped on a hacking forum for free.
LinkedIn is yet to comment on if it will notify the affected users about the data breach. Facebook, on the other hand, has made it clear that it will not be notifying users who were affected by the latest breach. Fortunately, we have published a guide on how you can use independent websites to check if your personal information was leaked in the latest Facebook data breach. As a rule of thumb, if you were affected then make sure you change your password and enable two step verification, if you have not done so already.