Earlier in April, a data breach was reported. It was said that LinkedIn has leaked data of over 500 million users. However, later it was clarified that it was not a data breach, but perhaps an outcome of data scraped from its platform. The number is bigger yet this time, 700 million, users and LinkedIn is blaming data scraping once again. LinkedIn has around 740 million users.
News website Privacy Sharks spotted a a user on RaidForums selling the data. The seller, “GOD User” stated that they were in possession of 700 million records on June 22, 2021, and included a sample of 1 million records to prove its claims. The website confirms that the records include information such as full names, gender, email addresses, mobile number, and industry information.
“Not a Data Breach”
Speaking on the issue, LinkedIn said that its initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources.
“This was not a LinkedIn data breach and our investigation has determined that no private LinkedIn member data was exposed.”
While LinkedIn says that it’s Terms of Service expressly prohibits data scraping, a the 9th US Circuit Court ruled in 2019 that data scraping was legal. Recently, the United States Supreme Court had remitted the case back to the Circuit Court, upon LinkedIn’s appeal. LinkedIn contends that data scraping is violative of the Computer Fraud and Abuse Act.
You can read more about the entire data scraping issue here.
However, such an act exposes people to scams. the leaked information can be used for phishing or social engineering attacks. Wondering how it’s done? Read this. Besides LinkedIn, Facebook had also shrugged off responsibility by terming a leak exposing records of 533 million people as ‘data scraping’.