The social media platform LinkedIn has denied it has had a data breach following reports that information from 500m profiles have been posted in a hacker forum.
Website CyberNews last week revealed a database purportedly containing information from 500 million LinkedIn profiles has been listed for sale on the dark web. The hacker is reportedly seeking a four-figure sum for the full cache of names, email address and phone numbers.
In a statement, LinkedIn admitted the dataset included profile data of its users but said this was publicly available information and therefore did not constitute a data breach.
It said: “We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies.
“It does include publicly viewable member profile data that appears to have been scraped from LinkedIn.
“This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.”
The company added that scraping of members’ data is a violation of its terms of service, which state anybody found to be doing this risks having their account shut down.
The LinkedIn story appeared days after data records of 533 million Facebook users were published online.
The company said the data was scraped from profiles using vulnerabilities in Facebook’s contact importer.
The Irish Data Protection Commission, which regulates Facebook in Europe, is probing whether any of the data was leaked prior to the commencement of the General Data Protection Regulation (GDPR) in May 2018.
Register to receive the latest data protection and privacy news and analysis straight to your inbox
No comments yet