Cyber criminals are currently offering private information on around 500 million LinkedIn accounts for sale in a hacker forum. But it is still unclear where the data came from.
After hackers leaked over 533 million Facebook user data over the Easter weekend, it is now the turn of the next social network.
In a darknet forum, cybercriminals are currently offering the user data of around 500 million LinkedIn accounts for sale. This would mean that around two thirds of the almost 740 million LinkedIn users would be affected.
In order to convince potential fences of the data set, the data traders have already leaked information on two million LinkedIn accounts. For a small fee, potential buyers could convince themselves of their authenticity.
Source of the hacked LinkedIn accounts still unclear
The data set leaked so far includes names, email addresses, phone numbers and career information. It is currently unclear how many data traders have acquired the full data set after viewing the sample.
However, IT security experts assume that quite a few fences have struck. According to some reports, the providers offered the data for a relatively low four-digit amount in US dollars.
It is also currently unclear how the criminals were able to obtain the data set. According to a company spokesperson, LinkedIn is investigating the incident. However, there is no doubt that private information from LinkedIn accounts was leaked. At the moment, however, the record is no longer available.
Check LinkedIn account and email account
For fraudsters, the leaked data is extremely lucrative. Email addresses and phone numbers can be misused for phishing attacks, for example.
With the help of decoy calls, text messages and dubious links, the fence-sitters aim to capture further data such as account numbers and passwords or lure victims directly into a cost trap.
Since the latest Facebook leak, for example, numerous SMS messages have been circulating about alleged parcel deliveries. Those affected should therefore exercise caution. Because these are probably scammers.
Anyone who wants to find out whether their LinkedIn account is affected can do so via the web application Have i Been Pwned.
If the worst comes to the worst, security experts recommend checking and changing both LinkedIn and e-mail account passwords. LinkedIn users should also activate two-factor authentication.