Widespread Credential Exposure is the Fallout of the Massive LinkedIn Data Breach

Your Data Was Probably Exposed

---

LinkedIn suffered another monster data breach that came to light this week. Earlier this week, the data of 700M LinkedIn users appeared on a popular dark web forum. That number is more than 92% of LinkedIn’s estimated total of 756M users – and a boatload of exposed data.

---

---

If You’re a LinkedIn User, Your Data Was Probably Exposed

---

In the original post, first reported by Privacy Sharks, the hacker with the goods posted a sample as proof of the hack that contained about 1 million records. Experts and researchers in multiple security organizations have confirmed that the data was genuine. To add insult to injury, Restore Privacy reports that this hack appears to have been carried out by exploiting the same vulnerability that hackers used to scrape 500 million user accounts just three months ago in April 2021.  

This hack is huge for another reason. This scrape isn’t just a quick scoop up of average, basic user data. This treasure trove for cybercriminals contains a plethora of sensitive and personally identifiable information that can be used to facilitate all manner of cybercrime from spear phishing to business email compromise scams or identity theft. It’s a danger to both workers and businesses. Experts are warning LinkedIn users that after studying the sample provided by the hacker, they’ve determined that extensive personally identifying information (PII) may have been exposed in this incident including: 

• Email Addresses 
• Full names 
• Phone numbers 
• Physical addresses 
• Inferred salaries 
• Geolocation records 
• LinkedIn username and profile URL 
• Personal and professional experience/background 
• Genders 
• Other social media accounts and usernames 

---

---

So What Should You Do?

---

By far the fastest, easiest and most effective way to mitigate password reuse problems and immediately improve an organization’s password security immediately is by adopting a dynamic secure identity and access management tool that gets the job done at a great price like Passly. 

You’ll get: 

• Multifactor Authentication (MFA) – This feature alone can stop up to 99% of cyberattacks cold. Take the power out of a compromised password by requiring another identifying token for access to systems and data, with many choices for token delivery to fit your business. Plus, MFA gives you protection against phishing attacks too, because the password that was just phished from one of your staffers isn’t going to let cybercriminals in either. 
• Single Sign-On LaunchPads (SSO) – Give each user their own, personalized launchpad that leads them to everything that they need. When your staffers only need to remember one password to access all of the applications that they use every day, they’re happy. When your IT teams only have to manage permissions and access point security through a limited number of defensible points, they’re happy too. 
• Simple, Cost-Effective Remote Workforce Provisioning – Passly gives your IT team everything that they need to for secure identity and access management in office and remotely. Seamless integration with more than 1,000 business applications and secure shared password vaults for team access makes adjusting permissions a snap. Plus, your team can act quickly to isolate a compromised account in case of trouble. 

Don’t wait until password reuse becomes your organization’s problem. Contact the experts at ID Agent to learn how Passly can benefit your clients and your business. 

Put the powerful solutions in the ID Agent digital risk protection platform to work for you to sensibly and affordably protect your organization from today’s biggest cybercrime threats.  Contact one of our solutions experts today for a personalized demo.

---

---

---

---