In another high-profile data breach this week, security company Acronis reports that over 500-million LinkedIn users’ personal info is being sold on the dark web.

This follows the personal data of over 500-million Facebook users being posted online in a low-level hacking forum. The Facebook data includes phone numbers, full names, location, email address, and biographical information.

Acronis warns that the data could be used by hackers to impersonate people and commit fraud.

With LinkedIn being the latest victim of a massive data breach, data of almost two-thirds of its 740-million users has been scraped from the platform and posted online for sale. As with Facebook, this includes email addresses, phone numbers, workplace information, full names, account IDs, links to their social media accounts, and gender details.

A hacker forum has dumped data of over 2-million users as sample proof. The hacker is asking for a four-digit amount in US dollars in exchange for the breached data, potentially in the form of bitcoins.

Candid Wuest, Acronis vice-president of Cyber Protection Research, says the price being asked is relatively low since the leaked data contains no payment card details and no passwords. As such, it’s of less value to attackers and won’t sell for much on the dark web anyway.

“However, it does contain valuable personal information (workplace info, email, social account links), which is why it’s not published for free.

“It’s not uncommon to see such data sets being used to send personalised phishing emails, extort ransom or earn money on the dark web – especially now that many hackers target job seekers on LinkedIn with bogus job offers, infecting them with a backdoor Trojan.

“For example, such personalised phishing attacks with LinkedIn lures have been used by the Golden Chicken group last week.”

Wuest points out that the breach means there is now a higher risk of LinkedIn phishing and SMS spam, and that password reset attacks and attacks against other services that use SMS for MFA are now more likely.

“Users should therefore beware of suspicious LinkedIn messages and change from SMS-based MFA service where possible for critical accounts.”