LinkedIn takes legal action after being hit by data harvesters

The social network hopes to trace some 100 data thieves…

Data harvesting is something that LinkedIn obviously wants to take a stand against, and the work-oriented social network is showing what happens to malicious parties who attempt to hoover up data from its millions of profiles by launching a lawsuit against accused miscreants.

The suit is being filed over in California and is aimed at no less than a hundred people who aren't yet named as their identities remain unknown, but apparently they used a crafted botnet to collect data from the social media site.

The Register reports that this was a major endeavour, as it involved the automated setting up of thousands of false accounts – successfully bypassing Captcha verification (the 'are you human' detection tests) – and the use of so many dummy accounts allowed the operation to stay under LinkedIn's radar for some time, avoiding the defences the social network has in place to stop this kind of harvesting.

Apparently, the data scraping operation first kicked off in December 2015, but Microsoft (which now owns LinkedIn) is aiming to have the last laugh with this litigation.

Tracing the perpetrators

In the case document, the social network states that the unnamed defendants "circumvented several technical barriers employed by LinkedIn that prevent mass automated scraping", and as a result they are guilty of violating US laws including the Computer Fraud and Abuse Act.

LinkedIn says that it expects to trace the unknown defendants by serving notices on their ISPs. Which is easier said than done, of course…

LinkedIn also said that the unnamed defendants had cost it at least $5,000 (around £3,800, AU$6,500) in terms of the expense of investigating and responding to the data harvesting, but moreover that the social network had suffered "ongoing and irreparable harm to its consumer goodwill and trust" because of the incident.