LinkedIn, the social network for professional people and recruiters has reportedly been hacked. This vicious act has been going around since late May 2013 and have had profile data of many of its users compromised. LinkedIn says that it has now fixed those security loopholes.
Interestingly, the way the hackers defaced LinkedIn’s security is quite gripping. Instead of the regulars – using any phishing or keylogging malware, the hackers made fake profiles to connect with legit people. Once a profile has connected to another profile, all the information about that profile – including their achievements, history, the place they live, resumes and CVs etc, can be viewed and saved. This is what those fake programmed profiles did. They made connections with people and started retrieving their information.
Says Emsisoft:
The hackers behind the LinkedIn data breach pulled things off by way of a very creative although very illegal approach. They simply created thousands of fake profiles, and then programmed the profiles to automatically connect with real LinkedIn members. When two people “connect” on LinkedIn, they essentially share resumes or CVs. Using thousands of fake profiles to connect with thousands of real members therefore gleaned all sorts of personal information for whoever was behind the attack.
Although it is very rare kind of hacking, it can lead to identity theft and other critical issues. Once they have got so much information about you on their hands, they can disguise as you and contact other people on other networks, or even contact your colleagues.
The time it took LinkedIn to figure this attack itself possess a shammy record of their security sophistication. It isn’t the first time the site has been hacked, as it keeps on appearing on the news every once in a while. This kind of service will only put a bad name of it in front of people, and will lose its credibility.
LinkedIn will be taking severe actions against the hackers, since they also void many of the legal policies, including the Computer Fraud and Abuse Act and DMCA.
We aren’t into half of January yet, and services like Yahoo, Snapchat and Skype have had their security compromised. if you are on LinkedIn you may want to think twice before accepting someone’s invitation, or even review your existing ones.
Find out: Have I been Hacked?