LinkedIn Data Scrape: How It Happened and What It Means for You


How did a hacker access and sell the personal data of 700 million LinkedIn users, and what are the potential risks and implications of this incident?.


How a hacker accessed and sold the personal data of 700 million LinkedIn users

In June 2021, a hacker named Tom Liner announced on a popular hacking forum that he had obtained the personal data of 700 million LinkedIn users, which is more than 92% of the total 756 million users on the professional networking platform. He offered a sample of one million records as proof and sold the entire database to multiple buyers for around $5,000 each. The data included email addresses, full names, phone numbers, physical addresses, geolocation records, LinkedIn username and profile URL, personal and professional experience/background, genders, and other social media accounts and usernames.

How did he do it? According to Liner, he exploited the official LinkedIn API (Application Programming Interface) to download the data that people upload to the site. An API is a set of rules and protocols that allow different software applications to communicate and exchange information. LinkedIn uses its API to let third-party developers access some of its data and features, such as allowing users to sign in with their LinkedIn credentials on other websites or apps. However, Liner claims that he was able to abuse the API and bypass its limitations to scrape the data of millions of users.

This is not the first time that LinkedIn has faced a data scraping incident. In April 2021, another hacker sold a database of around 500 million records scraped from LinkedIn. LinkedIn confirmed that the data was obtained from its servers, but also claimed that some data was sourced from other websites. LinkedIn also stated that scraping its data violates its terms of service and that it has taken measures to prevent and combat such activity.

What are the potential risks and implications of this incident? The data that Liner scraped and sold may not contain sensitive information such as passwords or financial data, but it still poses a serious threat to the privacy and security of LinkedIn users. The data can be used for various malicious purposes, such as:

  • Identity theft: The data can be used to impersonate LinkedIn users and access their other online accounts, such as email, banking, or social media. The data can also be used to create fake profiles and identities for fraud or deception.
  • Phishing and spamming: The data can be used to send targeted and convincing emails or messages to LinkedIn users, asking them to click on malicious links, download malware, or provide personal or financial information. The data can also be used to flood users with unwanted and annoying advertisements or offers.
  • Social engineering and blackmailing: The data can be used to manipulate or coerce LinkedIn users into doing something they would not normally do, such as revealing confidential information, paying money, or performing illegal actions. The data can also be used to extort or threaten users with exposing their personal or professional secrets or embarrassing them publicly.
  • How can LinkedIn users protect themselves from this incident? LinkedIn users should take the following steps to safeguard their data and accounts:

  • Change their passwords and enable two-factor authentication on their LinkedIn and other online accounts.
  • Review their privacy and security settings on LinkedIn and other platforms and limit the amount of information they share publicly or with third-party applications.
  • Be vigilant and cautious of any suspicious or unsolicited emails or messages they receive, and never click on unknown links or attachments or provide personal or financial information.
  • Monitor their credit reports and bank statements for any signs of identity theft or fraud.
  • Report any incidents of data breach, phishing, or spamming to LinkedIn and other authorities.
  • LinkedIn

is one of the most popular and widely used platforms for professional networking and career development. However, it is also a valuable target for hackers and cybercriminals who want to exploit its data and users. LinkedIn users should be aware of the risks and implications of data scraping incidents and take proactive measures to protect their privacy and security.

Leave a Reply

Your email address will not be published. Required fields are marked *

Privacy Terms Contacts About Us