The scraped data of over 500 million LinkedIn profiles has been put up for sale on a popular hacker forum.
The post’s author has leaked two million records already as proof of the existence of the much larger data trove, as reported by Cybernews.
The data, which is spread across four files, is said to include full names, email addresses, phone numbers, and information related to their place of work.
So far, no precise figure has been set for the data, although the user has said that interested parties should expect to pay a four-digit sum, likely in bitcoin.
While it has been confirmed that the data was scraped from LinkedIn, it’s unclear whether this is a new data breach or if the data has been taken from previous LinkedIn breaches.
A LinkedIn spokesperson told IT Pro: «While we’re still investigating this issue, the posted dataset appears to include publicly viewable information that was scraped from LinkedIn combined with data aggregated from other websites or companies.
«Scraping our members’ data from LinkedIn violates our terms of service and we are constantly working to protect our members and their data.»
The full leaked files contain information including LinkedIn IDs, full names, email addresses, phone numbers, genders, links to LinkedIn profiles, and professional titles.
Although there was no evidence of sensitive information like credit card details or legal documents in the sample posted to the forum, the leaked information can still be used for phishing or social engineering attacks.
Earlier this month, it emerged that a hacking group was targeting LinkedIn users with fake job offers to infect them with malware that allowed them to take control of a victim’s computer. The Golden Chicken hacking group spread the malware through spear-phishing victims with a malicious .ZIP file that would provide remote access to their device.
The personal data of 533 million Facebook users was also found on a hacking forum this month and was available to download for free. The records, which represent around a fifth of the company’s entire user base, contained full names, birth dates, and the status of a user’s relationship.