Nefarious actors are reportedly selling the spoils from a LinkedIn scraping operation that nabbed data from some 500 million profiles, though the company claims the archive contains only public-facing information.
A report from Cyber News earlier this week revealed the existence of a massive store of LinkedIn user data that is apparently being sold through an unnamed online forum. The original post seeks to sell an archive of 500 million users and offers a cache of 2 million profiles as proof.
The person claiming ownership of the data store is asking a “four-digit $$$$ minimum price” for access to the full archive, but is selling samples for as little as $2 in forum credits, Cyber News reports.
LinkedIn seemingly corroborated the issue in a statement to Gizmodo on Wednesday.
“While we’re still investigating this issue, the posted dataset appears to include publicly viewable information that was scraped from LinkedIn combined with data aggregated from other websites or companies,” a spokesperson said. “Scraping our members’ data from LinkedIn violates our terms of service and we are constantly working to protect our members and their data.”
On Thursday, the company published a brief update on the matter to its website, stressing no private data was accessed and that hackers did not breach the platform.
“We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies. It does include publicly viewable member profile data that appears to have been scraped from LinkedIn,” the statement reads.
News of LinkedIn’s troubles arrives less than a week after a leak disclosed data scraped from more than 530 million Facebook accounts. That incident was later traced back to a previously undisclosed breach.