INTRODUCTION
LinkedIn is a US-based social networking site oriented towards employment and business. They offer their service via mobile applications and websites. The business platform offers to connect users to job opportunities posted by employers. The very popular platform is used by professionals all over the world. A service of being a bridge between employers and employees where people can meet like-minded professionals. Job seekers can post their CVs and employers can post about their job’s requirements. The objective of the platform is to make members engage and create networks in the same professional fields.
Incident Description
In June 2012, it was reported that over 6.4 million hashed passwords have been leaked. It was speculated though that over 100 million accounts have been compromised. The speculations being true, in 2016 it was reported that an additional set of data was released. An intruder going by the name of “PEACE” was selling the hacked emails and passwords. Slowly by the passage of time, the numbers of users affected by the data leak grew. Online magazine ‘MOTHERBOARD’ reported that hackers are trying to sell more account information of around 167 million accounts in the hacked database.
The breach was reported to happen over a span of several years and the culprit was doubted to be a Russian cybercriminal. In later investigations, the hacker was arrested by the US in 2016 and his name was told to be Yevgeniy Alexandrovich Nikulin.
The Threat of information and authentication details of professionals being exposed and at stake, the social media platform was criticized heavily.
The data was decoded quickly and was available for sale on the internet illustrating that LinkedIn’s storing passwords was cryptographically weak and outdated.
HACKER BEHIND THE BREACH
The person behind the 2012 LinkedIn breach was later reported as Yevgeniy Alexandrovich Nikulin. A 32-year-old Russian who goes by the name of PEACE in cyberspace.
Nikulin was arrested in October 2016 from the CZECH REPUBLIC and was extradited to the
UNITED STATES. He was sentenced to 88 months in prison for data breaches LINKEDIN, DROPBOX and FORMSPRING
He hacked into a computer of a LinkedIn employee and installed malware. Then the hijacked machine was used to log in to LinkedIn corporate VPN by the stolen credentials
After gaining access to the network Nikulin accessed databases and stole login information, encrypted passwords of millions of users.
IN-DEPTH ANALYSIS
Data security issues have been present for a long time. Any password being secured and saved in plain text is a big vulnerability issue and poses a threat to data. Several websites prefer the technique of hashing passwords and LinkedIn was also using the same technique. Data was dumped in two waves and many hacking groups boasted of selling the compromised stolen data.
Figure 2Preview of data leaked
Hacker published records to confirm the legitimacy of their data which included
• Email addresses
• Full name
• Phone numbers
• Geolocation Records
• LinkedIn usernames and profile records
• Genders
• Other linked social media accounts and details
Several media agencies report stated that the breach was done by the SQL injection attack. The LinkedIn company confirmed the attack a few days later. It was stated that the compromised data file had about 6.5 million passwords. In the year 2016, the full report was published, and further, it’s informed stating that over 110 million user passwords were breached.
Comments