Linkedin Data Breach UpdateArticle by: Jonathan Service | Image by tiffany loyd from Pixabay | Posted on: Tue Apr 13 2021
Recently there were reports of a data breach or scraped data that occurred on Linkedin exposing a large set of data to a public hack site database, what Linkedin had to say about this in their recent post on 8th April:
"Members trust LinkedIn with their data, and we take action to protect that trust. We have investigated an alleged set of LinkedIn data that has been posted for sale and have determined that it is actually an aggregation of data from a number of websites and companies. It does include publicly viewable member profile data that appears to have been scraped from LinkedIn. This was not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review.
Any misuse of our members’ data, such as scraping, violates LinkedIn terms of service. When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable.
For additional information about our policies and how we protect member data from misuse: https://www.linkedin.com/help/linkedin/answer/56347/prohibited-software-and-extensions."
It seems that most of the data according to Linkedin was publicly available data and not and actual sensitive information that we were lead to believe. It goes without saying that any data breach is serious and cybersecurity is important to all users, it amazes me though the number of users oblivious to the risks of not making sure their data is safe, while it is true that the company is responsible for your data according to the UK, US Data protection and EU data protection laws the user is also responsible to ensure that they have the following security measures in place:
- Use secure passwords
- Use 2-factor where available
- Change your password at least monthly
- Share data with websites that are essential
- Avoid using repeating passwords- in other words always use different passwords for each site
- Use a password randomly generator to generate secure hard to guess passwords
- Use a password manager like LastPass or something similar
These are some steps you can take but one that most would forget or are not aware of is to not use the same password for Google and not use the password generator on any device that has the same Google account attached as google syncs your data from device to device, this can be switched off if required.