The same threat actor has leaked larger amounts of data from LinkedIn dated 2023. They claim this new data contains 35M lines and is 12 GB uncompressed.

  • jungle@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Thanks, it’s rare to find a well thought out answer in here like yours.

    I agree that LinkedIn always did shady things to increase their user base. They used dark patterns to get access to your address book even as they got constant criticism for that, both externally and internally. One of their top product managers was actually proud of that, and said that they would have done more if possible.

    But I very much doubt they actually sold their customer’s emails at any point. They have always been very protective of their customer’s data, fighting scrapers and limiting APIs. There’s no upside to selling your customers info. You’re undermining your own business by doing so.

    • TWeaK@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      and said that they would have done more if possible.

      This there is the MO I was talking about.

      I can’t conclusively say whether or not LinkedIn intentionally sold my email, or whether they were just infected at the time. However, I feel like the former is at least as feasible, and even if it was the latter it’s still reprehensible of them to be so lax in their security. Like I say, I’ve only experienced 2 websites that did that, and I’ve made up countless emails going on for years before then.

      • jungle@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        They don’t have lax security. They use industry standard measures, including encryption in transit and at rest, salted passwords (they were caught without salt over a decade ago and fixed it), internal training on security, phishing simulations, the works. Your data is their business, they don’t want to lose it.