![]() Then as now, LinkedIn absolved itself of responsibility in a statement to Privacy Sharks: "This was not a LinkedIn data breach and our investigation has determined that no private LinkedIn member data was exposed." In other words, this isn't technically a data breach, and no hacking was involved, just as happened with the 500 million LinkedIn profiles scraped a few months ago. Data breach or not, your information is still exposed ![]() If you have a LinkedIn account, then your data is probably part of this. If this stolen data really amounts to 700 million users, that's about 92.5% of LinkedIn's entire user set. LinkedIn's own website declares that it has 756 million users. He or she is offering samples of various sizes, ranging from 1 million records to just a few hundred.Īnother website that analyzed samples, Restore Privacy, said TomLiner told them the data had been scraped using LinkedIn's own API, or application program interface, a tool that lets your computer quickly interface with a website's server. The person selling the data goes by the name TomLiner and posted a sale notice on the Raid Forums website, which is open to the public, on June 22. "Considering that there are 200 million new records available, it is likely that new data has been scraped." "We cannot be sure whether or not the records are a cumulation of data from previous breaches and public profiles, or whether the information is from private accounts," said Privacy Sharks, a website that analyzed a sample of the new data. This incident comes just a few months after a separate incident that saw the posting of data collected from 500 million LinkedIn user profiles. Very few people provided mobile phone numbers, and we could find only one in the first 100 entries. Personal email addresses were not asked for. Only about 7.5% of users in the data sample included a workplace email address. In appears most users knew well enough to give LinkedIn nothing but the bare minimum needed to maintain an account. We found that while all 443 entries provided in the sample contained LinkedIn users' full names and LinkedIn IDs, URLs, usernames, most users voluntarily provided nothing else besides their general geographical location, i.e. Tom's Guide had a look at the smallest sample of the scraped LinkedIn data, the only sample size that didn't require registration with a dodgy website. If anyone whose home address could be located with this data also happened to provide their date of birth along with the required full name, then an identity thief could try to use those three pieces of information to fraudulently open accounts in that person's name. It means you or I could drive to those houses, pound on the doors and ask for the residents by name - all because of data that was publicly accessible on LinkedIn. Names were attached to each of those listings. Individual houses were singled out and visible in Google Street View and the houses' full addresses displayed. More alarmingly, we found coordinates that zeroed in on specific addresses in the Boston suburbs and in a small town in Wisconsin. We found locations in New York City and Brazil, on the side of a road in rural France and in various cities in India. The geographic coordinates were pretty easy to translate into map locations by copying and pasting the coordinates into Google. It may be that those users used the LinkedIn mobile app and were not aware that the app could have grabbed their GPS data at the moment and uploaded it to LinkedIn servers. ![]() However, quite a few entries contained specific geographic coordinates, certainly many more than had provided email addresses or phone numbers. In iOS, you can do the same by going to Settings > Privacy > Location Services. In Android, go to Settings > Apps & notifications > App permissions > Location and determine which apps should always, should only sometimes or should never have access to your location. You can avoid being swept up in the next data scrape by providing only the minimum amount of information required to maintain a LinkedIn account, or in fact any social-media account.Īlso be sure to go into your phone's settings and deny social-media apps access to your GPS coordinates. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |