After Facebook, also Linkedin. The alert is triggered for another credential theft involving 500 million LinkedIn profiles, the professional platform that has 600 million users worldwide. According to Cyber News researchers, the archive is for sale on the dark web and among the data there are e-mail addresses, telephone numbers, links to profiles of other social networks and professional details. All credentials that could be used for further attacks, phishing and online scams. It is unclear whether the cybercriminals “are selling updated profiles or if the data was taken from a previous breach suffered by LinkedIn or other companies.” Those who have put this large amount of profiles for sale on the dark web, to prove the legitimacy of the information in their possession, allow you to download two million data as a sample, at the price of only 2 dollars, while for access to the complete database of information stolen, approximately $ 1,800 is required.
As happened with the theft of personal data of Facebook users, also for LinkedIn it is the so-called “scraping”, ie an extraction of data from a website by means of a software and therefore not a ‘data breach’, ie a violation of platforms conducted with a cyber-attack.
Meanwhile, the Guarantor for the protection of personal data has launched an investigation against Linkedin, following the violation of the social network systems that led to the dissemination of user data. These include IDs, full names, email addresses, telephone numbers, links to other Linkedin profiles and to those of other social media, professional titles and other work information entered in their profiles by users.
At the same time, the Authority adopted a provision with which it warns anyone who has come into possession of personal data deriving from the violation that their possible use is in contrast with the legislation on the protection of personal data, since such information is the result of processing illicit.
The use of these data, reminds the Guarantor, involves consequences, including sanctions. Also taking into account the fact that Italy is one of the European countries with the largest number of subscribers to the platform, the Authority also calls all interested users from the violation to the need to pay particular attention to any anomalies connected to one’s telephone number and account in the coming weeks. In fact, these data could be used for a series of illegal conduct, ranging from unwanted calls and messages to serious threats such as online scams or identity theft or phenomena such as the so-called “SIM swapping”, a technique used to violate certain types of online services that use the mobile number as an authentication system.