Unsecured Eight Databases Leaked Records of 60 Million LinkedIn Users

Over 60 million records of LinkedIn users have been found leaked through 8 unsecured database (DB), which consists of mainly public information such as email addresses.

A security researcher at GDI foundation said he has been analyzing data, which is switched to another IP every day after it gets deleted from the previous IP. After a while, the database is either not accessible or IP is made unavailable, which made the researcher think that the DB might be secure.

It was found that the records in the eight databases had up to 60 million LinkedIn users’ scraped public information, with each DB with a data of around 25 GB to 30 GB leading up to a total of 229 GB.Each leaked LinkedIn account has information of the LinkedIn profile, consisting of IDs, work History, Profile URLs, education background, location and skills mentioned, as well as the date when the information was last updated.

Even the email account id which was used for LinkedIn account registration, despite having privacy to be not available to the public, was also revealed.Other than the public information, internal values such as “isPersonal”, “isGmail”, “isHotmail”, telling about the types of subscription and email services users have on LinkedIn is also part of the DB.

The researchers ensured the accuracy and authenticity of the data theft by having some of the breached account confirmed by the users whose accounts were compromised.The Bleeping Computer stated that the leaked account information was hosted in the Amazon servers and upon contact, the security of the database and its unavailability on the internet was assured by the Amazon team.