Threat actors have once again managed to scrape data from over 600 million user profiles on LinkedIn (opens in new tab), and have put it up for sale for an undisclosed sum, according to reports.
This incident, says (opens in new tab) CyberNews, is the third time in the past four months that data scraped from millions of its user’s public profiles has been posted for sale.
According to samples posted by the unscrupulous user, the latest round of data scraped from LinkedIn includes the member’s full name, email addresses, links to their social media accounts, and other details users have voluntarily shared on their public profiles.
- Here’s our list of the best password managers (opens in new tab)
- These are the best business password managers (opens in new tab)
- We’ve also rounded up the best security keys (opens in new tab)
As mentioned by the threat actor, the information in the scraped data is available for anyone to see in the user’s public profile. All they’ve done is used automated tools to crawl through LinkedIn and compile the data from millions of profiles in an easily readable format.
LinkedIn data scraping
CyberNews adds that while the data isn’t deeply sensitive, it could still put users at risk of spam and expose them to phishing attacks. It adds that the details can also be used by “malicious actors to quickly and easily find new targets based on the criminals’ preferred methods of social engineering.”
“Members trust LinkedIn with their data, and any misuse of our members’ data, such as scraping, violates LinkedIn terms of service. When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable,” LinkedIN claimed (opens in new tab) reacting to last month’s data scraping incident (opens in new tab).
Notably, LinkedIn is engaged in a legal battle (opens in new tab) with talent management (opens in new tab) company hiQ Labs, which scrapes public data from LinkedIN in order to analyze employee attrition.
While in the lawsuit, hiQ contends that a ruling against data scraping could “profoundly impact open access to the Internet,” the recent incidents of scraped data being made available on underground forums highlights how the technology can also be used by threat actors to identify new targets.
LinkedIn didn’t immediately respond to TechRadar Pro's email asking for comments.
- Shield yourself with these best identity theft protection services (opens in new tab)