Offline? LinkedIn suffers a data breach


An American software company struggled to restart its systems after a massive ransomware attack that affected organizations around the world. – © AFP

LinkedIn has suffered a data breach from more than 92 percent of its user base, including information phone numbers, physical addresses, geolocation data, and deducted salaries.

That personally identifiable information it is seriously valuable to scammers who can use it to create sophisticated impersonation and impersonation attacks.

He hacker who obtained the data has released a sample of one million records. Several checks by industry watchdogs confirm that the data is authentic and up to date.

The four filtered files contain different information about various LinkedIn users. There are constant concerns about how the threatening actor will use the data, leaving many open to activities such as fishing campaigns.

The problem is being examined for stakeholders digital newspaper Readers is the OneSpan technology evangelist, Benoit Grangé.

According to Grangé, the biggest concern relates to the type of user-related data found in a social networking system like LinkedIn. Here, just because LinkedIn focuses on “professionals,” that doesn’t make the data entered less vulnerable compared to something like Facebook.

Grangé says: “This breach is an unfortunate reminder of the vulnerability of our personal data online and that consumers must take action on their digital identity taking extreme caution when dealing with any unsolicited communication they receive. and make sure they have multifactor authentication enabled whenever possible “.

This is an essential step, says Grangé: “That way, when there are inevitably identity leaks like this, consumers can be sure to stay safe online. There’s a lot of really sensitive information in this breach that scammers will try. explode by targeting people with custom fishing attacks tailored to access accounts or deceive involuntary consumers with money transfer. “

After that, Grangé states, “No trusted organization would ever ask anyone to separate from money or their sensitive information by email, SMS or phone.”

There are other measures that need to be taken in relation to institutions that have sensitive data. Here Grangé observes: “Banks need to have tools to prevent scammers from committing fraud in applications using information like this to set up new accounts in the name of the victim.”

With regard to the appropriate measures, Grangé recommends: “By using the latest identity verification technologies such as AI and biometrics in their incorporation processes, financial institutions will be able to verify quickly and remotely whether a single bidder is really who says it is or not. “

Source link