More than 700 million LinkedIn accounts were put up for sale on the dark web following a data breach. This page explains how the LinkedIn data breach happened.
In June 2021, it was revealed that over 700 million people had their personal data hacked in the latest LinkedIn data breach.
Given that the nature of the stolen data, which includes salary details, this was a serious breach that could have had repercussions on those whose information had been exposed.
In total, 92% of LinkedIn users are reportedly affected by this breach.
The data exposed includes:
As the data stolen in this attack was put up for sale on the dark web, we recommended that anyone who used LinkedIn at the time of the breach take immediate steps to protect themselves from phishing and fraud attempts.
This included reviewing the privacy settings of all the apps and social media sites they used, changing their passwords, and enabling two-factor authentication (2FA) wherever possible. Furthermore, with details relating to other accounts also compromised, all LinkedIn users should also have changed their passwords on any related sites.
This was not the first time that the business networking site had experienced a data breach.
In April 2021, LinkedIn confirmed another data breach affecting 500 million subscribers. However, on that occasion LinkedIn said that it had not experienced a breach but rather the information was gathered by someone scraping its network.
In addition, in May 2016, LinkedIn had 164 million email addresses and passwords exposed. The data was put up for sale on the dark web in 2016, some four years after the platform was originally hacked.
See our answers to the FAQs we get asked about the LinkedIn data breach.
A hacker obtained a dataset consisting of personal details of more than 700 million LinkedIn users.
The breach included users’ full names, phone numbers, emails, home addresses, geolocation data, salary expectations, genders, LinkedIn usernames and profiles and other social media account details (including usernames).
The hacker behind the breach shared a sample of the database which contained one million records from between 2020 and 2021. This sample was authenticated and proved that the stolen information was genuine and up-to-date at the time of the breach.
No, in April 2021, LinkedIn confirmed another data breach affecting 500 million subscribers. On that occasion LinkedIn said that it had not experienced a breach but rather the information was gathered by someone scraping its network.