It was recently reported by CyberNews researchers that many LinkedIn account data have been found for sale online. The data contained 500 million user records including email addresses, phone numbers, links to other social media profiles, and professional details.
The leak was found out on a forum popular with hackers asking for an important ramson in exchange for the stolen account information. To prove the data was legitimate, the hacker included two million records as a sample and it was confirmed by the researchers. However, it is still unclear if the hacker is selling up-to-date LinkedIn profiles, or if it has been taken from a previous breach suffered by LinkedIn or other companies.
Yet, it was also reported that the leaked data doesn’t seem to have any credit card, financial details, or legal documents that could be used for fraud. The leaked data can still be dangerous, however. Indeed, the hackers could use the information to create detailed profiles of their potential victims and then conduct phishing and social engineering attacks.
Hence, the researchers have advised following some guidelines to protect LinkedIn users and their accounts and data. These are the following:
- Changing LinkedIn account passwords and email account passwords associated with LinkedIn profiles.
- Creating a strong and random password, and storing it in a password manager.
- Enabling two-factor authentication (2FA) on LinkedIn accounts.
- Being careful of unknown requests and messages.
- Learning to identify phishing emails and text messages.
- Never opening links to websites from an email.
- Installing strong anti-phishing and anti-malware software.