LinkedIn data breach

Published: 17th November 2023 Last updated: 17th November 2023

On October 31, a major data breach involving a LinkedIn database occurred. The database, spanning several million records containing personally identifiable information, has been offered for sale on a popular hacking forum.

A data breach occurs when unauthorized parties gain access to information in a manner that was not intended for public availability. Scraping is the process of using automated tools to extract large amounts of data from websites. This typically involves crawlers and bots that can evade anti-scraping measures by mimicking human-like behavior. Although scraping constitutes a violation of the terms of service on LinkedIn, many threat actors continue to engage in the activity to demonstrate their capacity to bypass protections or to make a profit.

The vulnerability

In this case, a threat actor has freely shared the database records, which contain recent (2023) data for LinkedIn Premium users. These records contain the following information:

  • Full name
  • Email address(es)
  • LinkedIn profile IDs and URLs
  • Job title
  • Employer name
  • Education history
  • Skills
  • Languages spoken
  • Brief professional summary


While most of the above is already publicly accessible to LinkedIn users, the inclusion of email addresses makes this leak valuable to cybercriminals. This information can be used for correlating email addresses with other leaks to find common passwords, narrow down the scope of brute-forcing attacks, or simply enable phishing. Also, having sensitive information combined into an indexable form makes it a lot easier for malicious actors to leverage it in social engineering attacks or perform identity fraud.

What is expected of you?

Given the nature of the leaked information, no immediate response is required from you. However, we strongly advise you to follow the relevant best practices in this case:

  1. Never use your Tilburg University e-mail address for personal online services like LinkedIn.
  2. Every password you use should be strong and unique.
  3. Use a dedicated password manager to easily create and use strong and unique passwords. We recommend using the licensed password manager that is offered by Tilburg University to students and employees: Keeper. For more information on Keeper, go to Keeper - Self-Service Portal

You can check whether your e-mail address has been part of this or any other recent or older leak by using the Have I Been Pwned website. If that is the case, immediately change the password for that e-mail address. Keeper performs this check automatically for all passwords that it manages.

Do you need technical assistance on this?

For technical assistance, please contact IT Support. Contact details can be found here: IT Support.

Questions?

Contact the security team for additional information: cert@tilburguniversity.edu.