According to the news one individual is selling the data of 500 million LinkedIn profiles on a popular cybercriminal forum. The leaked files contain information about the LinkedIn users whose data has been allegedly scraped by the deviant, including full names, email addresses, phone numbers, workplace information, and more. Other users on the forum could view the leaked samples for around $2 in forum credits and the entire 500 million user database was being auctioned for at least a 4-digit sum. The perpetrator claimed the data was acquired from LinkedIn, and CyberNews was able to confirm this claim by looking at the samples provided on the hacker forum. However LinkedIn later claimed that the data for sale was not acquired as a result of the data breach and it is instead an acquisition of data from a multitude of websites and companies. There are also reports of at least six other archives that include over 327 million LinkedIn profiles, however these have not surfaced on the same forum. CyberNews claimed that, "this would put the overall number of scraped profiles at 827 million, exceeding LinkedIn’s actual user base of 740+ million by more than 10%. This means that some, if not most, of the new data sold by the threat actor might be either duplicate or outdated."
Now, should you personally as a LinkedIn user be worried about the breach? Is there anything you can do? Well on the severity spectrum of leaks, this is relatively lower since much of the data could likely be gathered through traditional reconnaissance techniques like internet searches and social media platforms. It also appears to have been scraped from other sites in addition to LinkedIn seeing as how LinkedIn itself denied relations to the leak. Unfortunately, individuals are limited in what they can do in this situation. Just continue (or start) the practice of closely watching for identity theft and fraudulent transactions. If you'd like to easily check if your password has been discovered in a data breach just go ahead and enter it here ----> https://haveibeenpwned.com/