大約93%的領(lǐng)英(LinkedIn)用戶、約7億人的個人數(shù)據(jù),被放到網(wǎng)上出售。
據(jù)RestorePrivacy的一份報告稱,黑客發(fā)布了一個數(shù)據(jù)樣本,其中包括100萬用戶的信息。
該報告稱,樣本來自2020年和2021年,似乎都是最近的數(shù)據(jù)。領(lǐng)英的一位發(fā)言人在給《財富》雜志的一份聲明中反駁了這一說法,他說:“我們已經(jīng)調(diào)查過。沒有證據(jù)表明這些是新數(shù)據(jù),或是來自2020年至2021年的數(shù)據(jù)。”
這些被泄露數(shù)據(jù)的出售價格為多少?答案是5000美元。
售賣者列出的數(shù)據(jù)不包括登錄憑證或財務(wù)信息,但包含了大量可以用于追蹤和推定個人身份的個人信息,包括:
- ? 姓名
- ? 電話號碼
- ? 家庭地址
- ? 電子郵箱地址
- ? 地理位置記錄
- ? 領(lǐng)英的用戶名和個人介紹的URL鏈接
- ? 個人經(jīng)歷和職業(yè)經(jīng)驗、背景信息
- ? 性別
- ? 其他社交媒體的賬號和用戶名
?
領(lǐng)英堅稱,大部分?jǐn)?shù)據(jù)并不是從其網(wǎng)站上搜集的。“我們目前的調(diào)查顯示,該數(shù)據(jù)集里的電話號碼、性別、推測薪水和地址信息并非來自領(lǐng)英。”這家公司表示。
不過自稱是數(shù)據(jù)泄露幕后主使的人說,他們采取了與4月大規(guī)模泄露中使用的相同方法獲得數(shù)據(jù),在那次泄露中,5億用戶的個人信息被放在線上出售。
6月29日,據(jù)稱擁有7.56億用戶的領(lǐng)英發(fā)表聲明道,這份用于出售的數(shù)據(jù)并不是黑客攻擊的成果,而是有人簡單提取了大規(guī)模的公開數(shù)據(jù)。
“我們的團(tuán)隊已經(jīng)調(diào)查了一系列據(jù)稱已發(fā)布待售的領(lǐng)英數(shù)據(jù)。”領(lǐng)英指出,“我們想澄清的是,這不是一次數(shù)據(jù)泄露,也沒有任何領(lǐng)英用戶的私人數(shù)據(jù)被泄露。我們的初步調(diào)查發(fā)現(xiàn),這些數(shù)據(jù)是從領(lǐng)英和其他各種網(wǎng)站抓取的,其中就包括與我們在2021年4月的抓取更新中報告的相同的數(shù)據(jù)。當(dāng)任何人試圖獲取會員數(shù)據(jù)并將其用于未經(jīng)領(lǐng)英和用戶同意之目的時,我們會努力阻止他們,并追究他們的責(zé)任。”(財富中文網(wǎng))
編譯:楊二一
大約93%的領(lǐng)英(LinkedIn)用戶、約7億人的個人數(shù)據(jù),被放到網(wǎng)上出售。
據(jù)RestorePrivacy的一份報告稱,黑客發(fā)布了一個數(shù)據(jù)樣本,其中包括100萬用戶的信息。
該報告稱,樣本來自2020年和2021年,似乎都是最近的數(shù)據(jù)。領(lǐng)英的一位發(fā)言人在給《財富》雜志的一份聲明中反駁了這一說法,他說:“我們已經(jīng)調(diào)查過。沒有證據(jù)表明這些是新數(shù)據(jù),或是來自2020年至2021年的數(shù)據(jù)。”
這些被泄露數(shù)據(jù)的出售價格為多少?答案是5000美元。
售賣者列出的數(shù)據(jù)不包括登錄憑證或財務(wù)信息,但包含了大量可以用于追蹤和推定個人身份的個人信息,包括:
- ? 姓名
- ? 電話號碼
- ? 家庭地址
- ? 電子郵箱地址
- ? 地理位置記錄
- ? 領(lǐng)英的用戶名和個人介紹的URL鏈接
- ? 個人經(jīng)歷和職業(yè)經(jīng)驗、背景信息
- ? 性別
- ? 其他社交媒體的賬號和用戶名
?
領(lǐng)英堅稱,大部分?jǐn)?shù)據(jù)并不是從其網(wǎng)站上搜集的。“我們目前的調(diào)查顯示,該數(shù)據(jù)集里的電話號碼、性別、推測薪水和地址信息并非來自領(lǐng)英。”這家公司表示。
不過自稱是數(shù)據(jù)泄露幕后主使的人說,他們采取了與4月大規(guī)模泄露中使用的相同方法獲得數(shù)據(jù),在那次泄露中,5億用戶的個人信息被放在線上出售。
6月29日,據(jù)稱擁有7.56億用戶的領(lǐng)英發(fā)表聲明道,這份用于出售的數(shù)據(jù)并不是黑客攻擊的成果,而是有人簡單提取了大規(guī)模的公開數(shù)據(jù)。
“我們的團(tuán)隊已經(jīng)調(diào)查了一系列據(jù)稱已發(fā)布待售的領(lǐng)英數(shù)據(jù)。”領(lǐng)英指出,“我們想澄清的是,這不是一次數(shù)據(jù)泄露,也沒有任何領(lǐng)英用戶的私人數(shù)據(jù)被泄露。我們的初步調(diào)查發(fā)現(xiàn),這些數(shù)據(jù)是從領(lǐng)英和其他各種網(wǎng)站抓取的,其中就包括與我們在2021年4月的抓取更新中報告的相同的數(shù)據(jù)。當(dāng)任何人試圖獲取會員數(shù)據(jù)并將其用于未經(jīng)領(lǐng)英和用戶同意之目的時,我們會努力阻止他們,并追究他們的責(zé)任。”(財富中文網(wǎng))
編譯:楊二一
Personal data for 700 million LinkedIn users—nearly 93% of the company’s members—has been put up for sale online.
Hackers have already posted a sample of the data, which included information for 1 million users, according to a report on RestorePrivacy.
The data appears to be recent, with samples from 2020 and 2021, according to the report. In a statement to Fortune, a LinkedIn spokesperson disputes this, saying, "We’ve investigated, and there is no evidence that this is new data or that the data is from 2020 and 2021."
The price for that enormous collection of data? $5,000.
The data examined by the site did not include login credentials or financial information, but it did include a wealth of personal information that could be used to assume someone’s identity, including:
- ? Full names
- ? Phone numbers
- ? Physical addresses
- ? Email addresses
- ? Geolocation records
- ? LinkedIn usernames and profile URLs
- ? Personal and professional experiences and backgrounds
- ? Genders
- ? Other social media accounts and usernames
?
LinkedIn maintains much of that data was not scraped from its site, saying, "LinkedIn’s current investigation indicates phone number, gender, inferred salary, and physical address in this data set did not come from LinkedIn."
The bad actor who claims to be behind the data leak says they used the same method to obtain the data that was used in a massive April infiltration, which saw personal information from 500 million users being sold online.
LinkedIn, which claims to have 756 million members, issued a statement on June 29, saying the data for sale was not the result of a hack but rather someone simply pulling data that was publicly available on a large scale.
“Our teams have investigated a set of alleged LinkedIn data that has been posted for sale,” the company said. “We want to be clear that this is not a data breach and no private LinkedIn member data was exposed. Our initial investigation has found that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in our April 2021 scraping update…When anyone tries to take member data and use it for purposes LinkedIn and our members haven’t agreed to, we work to stop them and hold them accountable.”