Skip to main content

The data of 500 million LinkedIn profiles is being sold online right now [Updated]

Linkedin Hackers
Linkedin Hackers (Image credit: Daniel Rubino / Windows Central)

What you need to know

  • 500 million LinkedIn profiles had their data scraped.
  • That scraped data is now appearing for sale on a forum.
  • You can preview the data for roughly two dollars' worth of forum credit.

Update: LinkedIn has commented (opens in new tab) on the alleged scraping of content and concluded that is not what happened. The statement is reposted below.

Members trust LinkedIn with their data, and we take action to protect that trust. We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies. It does include publicly viewable member profile data that appears to have been scraped from LinkedIn. This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we've been able to review.Any misuse of our members' data, such as scraping, violates LinkedIn terms of service. When anyone tries to take member data and use it for purposes LinkedIn and our members haven't agreed to, we work to stop them and hold them accountable. - LinkedIn 4/9/2021

As reported by CyberNews (via OnMSFT), 500 million profiles on LinkedIn have had their profiles scraped for data. But that's not the worst of it. The worst part is that the data scraper responsible (if it is, in fact, a single actor) is now selling that data, looking for a four-digit minimum price tag in exchange for the goods.

It's reported that the scraper is selling the info on a forum and is accepting around two dollars' worth of forum credit in exchange for a two-million-profile sized sampling of the data. Pay two bucks, get two million accounts' info. It's a heck of a bargain if you want the benefits of LinkedIn without having to actually set up an account and be a social human being.

This isn't even the first time this week that so many individuals have been left exposed to the ne'er-do-wells of the internet. A few days ago, 533 million compromised Facebook accounts got their info blasted, though the data itself stemmed from a breach dating all the way back to 2019. Still, old data or otherwise, no one likes their personal details going public without their consent.

Whether it be Facebook or Microsoft-owned LinkedIn, let this be a reminder that no data is ever truly safe on the web. For layers of protection, you can try the best Windows 10 password managers or best Windows 10 password generators. But if you want true security, it's best to keep all key data offline and written on physical sticky notes, locked in a safe, and then tossed to the bottom of the Scottish Sea.

Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.

11 Comments
  • Good, maybe it'll help me get a better job
  • What's going on with Microsoft security lately? It's not a good look.
  • What has this got to do with Microsoft security? What has Microsoft got to do with what you are sharing publicly on the net?
  • That’s great. They can sell my fake account of Farquhar Bumfluff 3rd to anyone they like 🤣
  • Where did you get the right to copy my name? 😁
  • Does anyone post private information on LinkedIn or does everyone just put public details there for job seeking? I don't see how this could be damaging to anyone unless they were being foolish to begin with.
  • It's not really "public" as you need to accept friend requests for others to see your info. You can't just go to LinkedIn and see someone's phone number or even much of their profile. The idea that someone just scrapped that info without having to go through the action of being in someone's network is concerning/unwannted.
  • https://news.linkedin.com/2021/april/an-update-from-linkedin There does not, at this time, seem to have been a breach.
  • you can make your information fully public which is what a lot of people that are currently job hunting do. even if you aren't job hunting, leaving your information public helps with recruiters. you can get job offers without even looking. anyone can make a fake linkedin account so they can browse around.
  • Stupid hackers and their desire for money. Get a real job and hack for good purposes directly instead of indirectly, looking bad and shameful.
  • I'm feeling disappointed with MS security too but hackers aren't stupid, they always trying to penetrate the security of mostly used services (most of time). In the end, it's our fault to upload our information on social platforms.