Microsoft-owned social network LinkedIn denied the alleged data breach of over 500 Mn users on its platform saying that data for sale was not the result of a data breach. The company clarified that the leaked data was aggregated data from several websites and companies.
“We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies. This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review,” LinkedIn said
However, it confirmed that the breached data contained scraped publicly viewable member profile data from LinkedIn.
Earlier, Cyber News had reported that scraped data of over 500 Mn LinkedIn users were put for sale on a hacker forum. The data up for sale included account IDs, full names, email addresses, phone numbers, workplace information and links to social media accounts among other details.
A similar incident of leaked personal data of 533 Mn Facebook users was reported last week. The leaked data from Facebook was posted for free on hacking forums and included the date of joining, place of work, names, gender, occupation and relationship status of users. The breach affected 6 Mn Indian users and included details such as phone numbers, Facebook IDs, full names, locations, birthdates, bios, and in some cases email addresses. The social media giant told media agencies that the leak was related to a vulnerability that the company patched in 2019.
In March this year, Gurugram-based fintech company MobiKwik was rocked by the allegations that data of over 100 Mn of its users was breached. The allegation that was repeatedly denied by the company also led to a warning by the RBI who ordered an external auditor to conduct a forensic audit on the breach.
Similarly, in November last year, the data which included users’ encrypted passwords of 1.4 Mn registered users on the website iimjobs.com was allegedly leaked on the dark web.
Recent months have witnessed several Indian companies, such as Google-backed hyperlocal delivery platform Dunzo, online grocery delivery service BigBasket, popular India food manufacturing company and restaurant chain owner Haldirams, Indian edtech platform Edureka, online travel marketplace RailYatri and even the personal website of Prime Minister Narendra Modi suffer cyberattacks, with the data on these websites being subsequently leaked on the dark web, where it was available for purchase. In May 2020, users’ data from another Info Edge-owned jobs portal Naukri.com had been leaked on the dark web.
A report by IBM’s ‘Cost of a Data Breach Report 2020’ states that Indian companies witnessed an average $2 Mn total cost of a data breach in 2020, representing an increase of 9.4% from 2019. A total of over 26,100 Indian websites were hacked last year alone as per the data recorded by the state-owned Indian Computer Emergency Response Team (CERT-In).