What is a data breach? Learn from LinkedIn’s second data breach

What is a data breach? Learn from LinkedIn’s second data breach

LinkedIn experienced the second massive data breach this year. It reportedly revealed the data of around 700 million Linkedin users. LinkedIn has a total of 756 million users. Data of more than 92 percent of its users' data is getting compromised now.

Credit: Pexel

The new record source is an unknown hacker. It consists of LinkedIn users' personal information. It contained phone numbers, physical addresses, geolocation data, and derived salaries. This sensitive data is now for sale on the dark web.

LinkedIn confirmed a data breach that affected 500 million subscribers. It included personal information such as

  • Email address
  • Phone number
  • Workplace information
  • Social media details
  • Gender information
  • Physical addresses
  • Geolocation records
  • Derived salaries
  • LinkedIn username, and profile URL
  • Personal and professional background/experience

This came to light on June 22nd. A popular online hacker forum user posted the data of 700 million LinkedIn users. LinkedIn denied a data breach. They said the information was obtained by scraping the network.

Also read: How to invest in cryptocurrency? Beginners Guide

Why are people getting COVID-19 even after vaccination?

Israel vs Palestine: What is the reason behind the conflict?

The company stated, "Our initial analysis of the data set shows that it contains information from both LinkedIn and other sources. This was not a LinkedIn data breach, and our research has shown that no private data has been disclosed to LinkedIn members. We are perpetually operating to make sure that the privacy of our members is protected. "

The new 700 million user record is also for sale on the dark web. The hacker released a sample set of 1 million users for buyers. Restore Privacy was the first to discover this list on the dark web. The sample data was then matched by 9to5 Google.

The sample record posted on the dark web contains user personal and sensitive data.

9to5Google contacted the hacker directly. He claims that the data was obtained by using the LinkedIn API. It was to collect information that users upload to the website. The record does not contain any passwords, but the information is still very valuable. This data theft could result in identity theft or phishing attempts.

Also read: What is the delta Plus virus and why is it dangerous?

What is a Black fungus or Mucormycosis infection in COVID-19 patients?

Bali: Exploring the south

How to protect your data on LinkedIn?

There are few preventive measures you can take to protect your data.

Check the safety, security, and privacy settings of the apps. Ensure that the apps you use are properly configured.

Make sure you've created a strong password, and you change it frequently. Also, enable two-factor authentication (2FA). Do not accept connections from unknown people, particularly on LinkedIn and Facebook.

What does a data breach mean?

A data breach reveals confidential, sensitive, or proprietary information to unauthorized persons. Data breaches can occur from small businesses to large corporations.

It can involve personal health information (PHI), personally identifiable information (PII), trade secrets, or other sensitive information.

The data breach can result in identity theft and breach of government or industry compliance mandates. Then the violating organization can face fines, litigation, loss of reputation, and even the loss of the right to conduct business.

How to Prevent a Data Breach?

There is no security tool or control that can completely prevent data breaches. The best way of preventing a data breach is by common sense security practices. This includes:

  • Carry out ongoing vulnerability analyses
  • Use strong passwords/passphrases
  • Apply necessary software patches on all systems
  • Install proven malware protection

These steps are helpful. But security professionals encourage encryption of sensitive data. It can be either on-premise or in the cloud.

Even if a hacker intrudes on your device, encryption prevents threats from accessing the actual data.