The same threat actor has leaked larger amounts of data from LinkedIn dated 2023. They claim this new data contains 35M lines and is 12 GB uncompressed.
It says it’s scraped and not leaked
Well, fuck. This was the ONE social media site that I put my data on, and that was out of necessity (job hunting). I know it’s not the same, but this sort of feels like the Equifax breach.
deleted by creator
Its all HR people constantly job hunting by sharing the equivalent of those “hang in there” wall posters from the 90s and adding a paragraph about what it takes to make it in the workforce.
Ill make one of these bullshit posts now.
Suggested:
In school my old teacher Mr. Gerry would perform the elephant toothpaste experiment. This got me thinking. The glass beaker is like the job market and the chemicals mixed together is like your marketable skills that grow to fill the needs of the job market. In my 16 years as a human asset coordinator I’ve come across many difficulties that required shifts in how I approached the job market. Be like the elephants toothpaste and explode into the market beeeeyaaaaa
It’s not an actual leak. It’s mostly scraped data and fake addresses.
And we share real background information, very specific details. This could lead them to our friends and colleagues!
But I’m not sure it can be called social media, though, but if you are looking for social media platforms that can avoids data leaks, and don’t ask for your personal info when register, WireMin and Damus are both good choices.
Speaking of which, we should have a version of LinkedIn that is decentralized!
deleted by creator
deleted by creator
What private info is on LinkedIn? I thought the whole point was to make your resume public and get found by employers.
LinkedIn sells the info themselves, they don’t let the general public easily scrape/access it
Figures. The only way to get someone interested in my linkedin account is for them to steal the data.
Let me know if you see anything you like. I didn’t put it on there but I’m also proficient in bocce ball
The jokes on LinkedIn. T-Mobile already has my social security number, birth date, and other important information on the dark web, thanks to their security breach.
According to Troy Hunt this alleged leak is mostly from older leaks and fake data:
“this data is a combination of information sourced from public LinkedIn profiles, fabricated emails address and in part (anecdotally based on simply eyeballing the data this is a small part), the other sources in the column headings above. But the people are real, the companies are real, the domains are real and in many cases, the email addresses themselves are real”
Source: https://www.troyhunt.com/hackers-scrapers-fakers-whats-really-inside-the-latest-linkedin-dataset/
Again and again and again and again. I get more spam on my linkedin email address than I do on any other.
I have a set it up so that any email sent to unknown users on my domain gets redirected to email. If you send an email to
bad_address@example.comand my real email isuranibaba@example.com, I will still receive the email.Now this is great because I will just use
name_of_service@example.comand still get the email. If the email is leaked, I will know where it came from.Owning your own domain is great that way. Even makes the little bit I pay to ProtonMail well worth it. There are a few addresses I have dedicated, like my aws@example.com, me@, and my-name@, but the rest just go to a catch all. It’s fantastic.
My mail is hosted by my domain host but I am considering switching to Proton. Have you done such a move?
Yeah the setup is pretty trivial and it works great.
Be careful, my domain got on a whole bunch of ISP’s spam lists because I had done the same thing.
They really don’t like open domain email working.
That’s annoying! It’s not been my experience, out of curiosity do you have any theories why your domain/aliases got blocked?
out of curiosity do you have any theories why your domain/aliases got blocked?
For my domain it was put on a spam list that various ISPs use.
When I spoke with one ISP they said it’s because I had an open email address situation going, where a spammer can send a spam email out to a third party and on the reply address to they can make up anything as an email address for my domain name and it would be ‘valid’ because my domain email server was set up to receive all emails that you described.
And because of that I got put on a global spam list which many ISPs use. At the time I didn’t even know about my domain being on the list, I just noticed a big drop in emails I was receiving.
FYI this happened over a decade ago, so I do not know if that is the current practice today. But better to make sure any email addresses to your domain that is not valid does not go through. No “catch all” bucket situation.
That’s not because you have a wildcard. That’s because you need to implement DKIM, DMARC, and SPF records to prevent others from using your domain name to send mail.
MTAs use those standards to verify if somebody is permitted to send email for your domain. If you don’t have those set then you can get what that ISP described.
That’s because you need to implement DKIM, DMARC, and SPF records to prevent others from using your domain name to send mail.
Well I used a third party service to host my domain, and as far as I can remember (like I said this was over a decade ago, maybe almost two decades), everything was set up correctly at that time.
Not trying to dispute what you said, but I can at least speak towards that as far as we knew at the time we had the domain set up correctly on our end, the stuff we could control.
The only thing is we had a catch-all bucket setting turned on for emails to be forwarded to an internal email address of our domain.
There has never been a correct way to deploy these services, just increasingly complex, featurefull, and or secure ways to do it
Gadammit, my linkedin uses my clean email account. Linkedin security, do better!
That would explain the targeted scams I’ve been subjected to which seem to have been coming from old colleagues
That’s why today I got an email from a headhunter that used Data from my LinkedIn profile. Fuck this.
My sarcasm detector is uncertain with this one.
No sarcasm, I never got an E-Mail before from a Headhunter, only LinkedIn Messages. Not gonna lie, I hated it.
So glad that I did NOT simply close my account there, but instead I changed every single piece of personal data to some meaningless xyz123 before I finally closed it.
Your old info is still backed up there
Yes, but it was a while ago, and the backup gets older every day.
Great timing, started using linkedin like 2 weeks ago😅
Oh good. Just when I was looking for a job.
deleted by creator
deleted by creator
