Hacker Leaks 35 Million Scraped LinkedIn User Records

A hacker dubbed "USDoD" leaked a LinkedIn database containing the personal information of more than 35 million users on the notorious cyber crime platform Breach Forums. This is not the first time that USDoD has disclosed large amounts of personal data.

In 2022, the hacker breached the U.S. Federal Bureau of Investigation's security platform InfraGard and leaked the personal data of almost 90,000 of its members. Regarding this most recent LinkedIn database, USDoD posted on Breach Forums that it was acquired via web scraping, which is an automated process used to extract specific data from websites. While the leaked database includes millions of email addresses, passwords were not included.

Troy Hunt of HaveIBeenPwned (HIBP) examined more than 5 million accounts from the database and concluded that it includes a combination of data from various sources, such as public LinkedIn profiles, fake email addresses, and other sources.

Troy stresses that while some of the data might be anecdotal or partially fabricated, the people, companies, domains, and many email addresses are authentic. Hunt explained, "Because the conclusion is that there's a significant component of legitimate data in this corpus, I've loaded it into HIBP. But because there are also a significant number of fabricated email addresses in there, I've flagged it as a spam list which means the addresses won't impact the scale of anyone's paid subscription if they're monitoring domains."



Last updated