Information scraped from around 500 million LinkedIn user profiles is part of a database posted for sale on a website popular with hackers, the company confirmed Thursday.
The sale of the data was first reported on Tuesday by cybersecurity news and research site CyberNews, which said that an archive including user IDs, names, email addresses, phone numbers, genders, professional titles and links to other social media profiles was being auctioned off on the forum for a four-figure sum.
According to LinkedIn, the database for sale “is actually an aggregation of data from a number of websites and companies.” The data from LinkedIn users includes only information that people listed publicly in their profiles, the professional social media site, which is owned by Microsoft (MSFT), said in a Thursday statement.
“This is not a LinkedIn data breach, and no private member account data from LinkedIn was included in what we’ve been able to review,” the company said.
The news comes just days after a separate incident in which data scraped from more than 500 million Facebook users in 2019 including phone numbers, birthdays, emails and other information was posted publicly on a website used by hackers. While these kinds of data are less sensitive than, say, credit card details or social security numbers, information like phone numbers can still be exploited by bad actors, including for robocall scams.
LinkedIn has more than 675 million members, according to its website, meaning that around three quarters of its users’ information may be included in the database.