According to a recent report, some unprotected databases have leaked around 60 million records. The leaked data allegedly belongs to LinkedIn users. However, the data does not come from any LinkedIn breach. Rather it represents scraped LinkedIn data.
Millions Of Scraped LinkedIn Data Exposed
Reportedly, a researcher Sanyam Jain discovered millions of scraped LinkedIn data left publicly exposed. The leaked data came from eight different databases, as reported by BleepingComputer.
Allegedly, the GDI foundation security researcher, Sanyam Jain, contacted the reporter from BleepingComputer to share some strange findings. He noticed the same LinkedIn data appearing again and again on different IP addresses.
The combined total of all eight exposed databases made up to 229GB, where the size of a single database ranged between 25 and 32 GB. The total data from these databases made roughly 60 million records.
The information present in the leaky databases appeared to be the public information of LinkedIn users. As reported by Lawrence Abrams of BleepingComputer,
“The data contained in this record included my LinkedIn profile information, including IDs, profile URLs, work history, education history, location, listed skills, other social profiles, and the last time the profile was updated.”
Nonetheless, he could also see his email address in the exposed data. Though, he never had set to public display on his LinkedIn profile.
Apart from the profile information, the exposed data also included LinkedIn’s internal values, such as profile subscription types.
While the researchers could not identify the owner of the databases, they certainly made sure the databases were closed down by contacting Amazon.
LinkedIn Confirmed No Breach
Though the huge number of records belong to LinkedIn users, LinkedIn has clearly denied any data breach. As confirmed by Paul Rockwell, LinkedIn’s Head of Trust & Safety, the databases probably came from some third-party scraping service.
“We are aware of claims of a scraped LinkedIn database. Our investigation indicates that a third-party company exposed a set of data aggregated from LinkedIn public profiles as well as other, non-LinkedIn sources. We have no indication that LinkedIn has been breached.”
Yet, it remained unclear as to how the databases included email addresses when not publicly visible.