Not for the first time, Linked has been subject to a data-scraping attack. In November 2023, a post to a popular hacking forum alleged that millions of LinkedIn records had been scraped and leaked.
What’s the impact of the leak?
Mainly an increased likelihood of increased phishing attacks or other kinds of identity attacks. The data from the leaked files can be used by criminals against people whose data appeared in the LinkedIn breach in a number of ways:-
- Carrying out targeted phishing attacks.
- Brute-forcing the passwords of LinkedIn profiles and email addresses.
- Spamming emails and phone numbers.
- Selling the data on to other data aggregators
We have already seen an increasing in phishing attacks that could be related to the scraped data.
What to do
If you suspect that your LinkedIn profile data might have been scraped by threat actors, we recommend you:
- Beware of suspicious LinkedIn messages and connection requests from strangers.
- Watch out for potential phishing emails and text messages. Again, don’t click on anything suspicious or respond to anyone you don’t know.
- Be aware of the likelihood of your identity being used to phish others.