Every time you turn around, it seems as if there is another major breach of customer data happening. In some cases, this is an actual security breach and sensitive data has been shared.
In other cases, like the latest data scrape involving LinkedIn, it’s more that algorithms were used to scrape large amounts of publicly available user data. That data is put into a list that is then sold on the Dark Web or released elsewhere online for all to grab.
The latest compromise of user information impacts over 700 million users. Data that is believed to have been scraped from the business social media platform LinkedIn was found to be for sale on the Dark Web back in June and has also recently been released online. You can check Instagram Aufrufe kaufen if you need help with social media leads.
LinkedIn is the world’s largest professional network. Where other social media sites are more for friends and family, LinkedIn is all about building business relationships.
It’s also a platform that is more trusted than Facebook to keep user data secure. But, with the email addresses of its members out there being leveraged by spammers and phishing attackers, that reputation has taken a hit.
What You Need to Know About the LinkedIn Data Scrape
First, let’s go over what “data scrape” means.
It’s NOT a data breach. A hacker did not hack into the LinkedIn database and access user passwords and other sensitive information. A data scrape is as if a large net were run over certain websites to “catch” email addresses and any other readable personal data.
A data scrape uses an application that mines a website for data. The most common type of data to scrape is email addresses.
If a human were going through LinkedIn, profile by profile, it could take them years to pull all the email addresses, names, and locations they find. But with an application, this can be done in a much shorter time because everything is automated.
What’s the Difference Between a Data Breach and a Data Scrape?
A data breach is unauthorized access to sensitive data that comes from a “hack,” password compromise, or another method. It’s data that is private and not meant to be seen by the public.
A data scrape is the use of a program to grab as much information as possible from a website, but all that information is publicly available. So, there is no hack or breach of network security.
What Type of Data Was Scraped?
While you don’t have to worry about your password being breached, there was a good bit of personal information that was scraped in this large database of user information.
A file analysis showed that the following LinkedIn user data was included:
- LinkedIn Profile Names
- LinkedIn ID
- LinkedIn Profile URL
- Location (town, city, country)
- Email addresses
What Can You Expect?
Because of this large release of data, you can expect that several scammers are leveraging that list for their next campaign. The same goes for criminals that conduct phishing attacks.
Expect more spam emails and be very wary of new contacts reaching out to you on LinkedIn. These could be social phishing attempts from people trying to scam you out of money.
Why Is Any Data Release Like This Dangerous?
While the LinkedIn data scrape wasn’t a breach, it still increases the danger of an online attack for the users whose data was exposed and sold.
By connecting several data points about you that might have been on your profile or other places, spammers can target you and build up quite a profile about you to commit identity theft or target you for phishing.
For example, if a hacker has your email address, they may match that with your phone number that they find online somewhere else, and can more easily locate your other social profiles, business website, any civic or school groups you belong to, etc.
Unfortunately, many organizations accidentally make it easy for bits of personal data to be found online. There can be everything from a list of PTA volunteers to the attendees at a trade show being posted for download as a PDF from a specific website but left unprotected. This means anyone can find that type of data by doing a Google search of an email address.
What Do You Need to Do?
There is not much you can do once the data is out there. Good online security practices are the best way to ensure you don’t fall victim to a phishing attack.
Both a combination of commonsense and PC protections, like DNS filters and email filtering, can help you weather data releases like this one.
Get First-Class Security & Peace of Mind with WebGuardian
Two River Computer’s WebGuardian offers real-time monitoring and security of your PC and includes software that helps keep you secure online.
Contact us today to learn more. Call 732-747-0020 or reach us online.