fbpx

LinkedIn Data Breach

THIS ACTION IS NOW CLOSED

More than 700 million LinkedIn accounts were put up for sale on the dark web following a data breach. This page explains how the LinkedIn data breach happened. 

What happened in the LinkedIn data breach?

In June 2021, it was revealed that over 700 million people had their personal data hacked in the latest LinkedIn data breach.

Given that the nature of the stolen data, which includes salary details, this was a serious breach that could have had repercussions on those whose information had been exposed.

In total, 92% of LinkedIn users are reportedly affected by this breach.

The data exposed includes:

Victims of the LinkedIn data breach were put at risk

As the data stolen in this attack was put up for sale on the dark web, we recommended that anyone who used LinkedIn at the time of the breach take immediate steps to protect themselves from phishing and fraud attempts.

This included reviewing the privacy settings of all the apps and social media sites they used, changing their passwords, and enabling two-factor authentication (2FA) wherever possible. Furthermore, with details relating to other accounts also compromised, all LinkedIn users should also have changed their passwords on any related sites.

A history of data protection failures

This was not the first time that the business networking site had experienced a data breach.

In April 2021, LinkedIn confirmed another data breach affecting 500 million subscribers. However, on that occasion LinkedIn said that it had not experienced a breach but rather the information was gathered by someone scraping its network.

In addition, in May 2016, LinkedIn had 164 million email addresses and passwords exposed. The data was put up for sale on the dark web in 2016, some four years after the platform was originally hacked.

LinkedIn Data Breach Timeline

  • 22 June 2021
    RestorePrivacy reported that a hacker advertised data from 700 million LinkedIn users for sale.
  • 29 June 2021
    There were widespread reports that LinkedIn had experienced a data breach

Your questions answered

See our answers to the FAQs we get asked about the LinkedIn data breach.

How did the security incident happen?

A hacker obtained a dataset consisting of personal details of more than 700 million LinkedIn users.  

What data was accessed?

The breach included users’ full names, phone numbers, emails, home addresses, geolocation data, salary expectations, genders, LinkedIn usernames and profiles and other social media account details (including usernames).

How do we know that the data stolen was genuine?

The hacker behind the breach shared a sample of the database which contained one million records from between 2020 and 2021. This sample was authenticated and proved that the stolen information was genuine and up-to-date at the time of the breach.

Was this the same data breach as the one experienced by LinkedIn in April 2021?

No, in April 2021, LinkedIn confirmed another data breach affecting 500 million subscribers. On that occasion LinkedIn said that it had not experienced a breach but rather the information was gathered by someone scraping its network.