• Skip to main content
  • Skip to header right navigation
  • Skip to after header navigation
  • Skip to site footer
RestorePrivacy

RestorePrivacy

Your online privacy resource center

  • Home

General

Home

News

About

Contact

Privacy Tools

  • Secure Browsers
  • Secure Email
  • Private Search Engine
  • Best VPN Services
  • Data Removal Services
  • Best Password Managers
  • Secure Messaging Apps
  • Ad Blockers
  • Identity Theft Protection

Newsletter

Coming soon.

No spam, ever.

  • Home
  • News
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Skiff Mail Review
    • StartMail Review
    • Runbox Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • Password
    • Best Password Managers
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Identity Theft
    • Identity Theft Protection
  • VPN
    • What is VPN
    • VPN Reviews
    • VPN Comparisons
    • Best VPNs
    • VPN Coupons
    • VPN Routers
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Tools
    • Secure Browser
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Browser Fingerprinting
    • Privacy Tools
  • Info
    • Mission and Site Guidelines
    • Press
    • Contact

New LinkedIn Data Leak Leaves 700 Million Users Exposed

June 27, 2021 By Alex Lekander — Leave a Comment
LinkedIn Data Breach leak 2021

Data from 700 million LinkedIn users has been put up for sale online, making this one of the largest LinkedIn data leaks to date. After analyzing the data and making contact with the seller, we have updated this article with more information, including how the data was obtained and the possible impact on LinkedIn users.

UPDATE: LinkedIn has confirmed via email to RestorePrivacy that the data was obtained from their servers, as well as from other sources. And contrary to some reports, LinkedIn is NOT denying that data was harvested from their servers. They point out, however, that some data was also obtained from other sources.

Many people trust LinkedIn with all sorts of private data, hoping and trusting that the information remains in safe hands. But is this trust warranted? So far in 2021, we have already seen two separate incidents where bad actors have exploited the professional networking platform to harvest vast amounts of user data.

The implications of this are far-ranging, from identity theft to phishing attacks, social engineering attacks, and more. Before we dive into the consequences of this leak, let’s first examine what happened.

What happened exactly?

On June 22nd, a user of a popular hacker forum advertised data from 700 Million LinkedIn users for sale. The user of the forum posted a sample of the data that includes 1 million LinkedIn users. We examined the sample and found it to contain the following information:

  • Email Addresses
  • Full names
  • Phone numbers
  • Physical addresses
  • Geolocation records
  • LinkedIn username and profile URL
  • Personal and professional experience/background
  • Genders
  • Other social media accounts and usernames
This is one of the largest LinkedIn data dumps we have seen.

The user claims that the complete database contains the personal information of 700 Million LinkedIn users. Since LinkedIn has 756 million users, according to its website, this would mean that 92% of all LinkedIn users can be found in these records.

Below is a small section of the sample we examined to show you how much information one record can contain:

LinkedIn Data Breach 700 million users exposed 2021 leak
In this sample you can see full names, LinkedIn usernames, Facebook usernames, email accounts, mobile phone numbers, professional data, inferred salary, and more.

Based on our analysis and cross-checking data from the sample with other publicly available information, it appears all data is authentic and tied to real users. Additionally, the data does appear to be up to date, with samples from 2020 to 2021.

While we did not find login credentials or financial data in the samples we examined, there is still a treasure trove of information for bad actors to exploit for financial gain, as we’ll explain more below.

How was the data obtained?

We reached out directly to the user who is posting the data up for sale on the hacking forum. He claims the data was obtained by exploiting the LinkedIn API to harvest information that people upload to the site.

Below is one interaction we had with the threat actor on Telegram. You can see that he is asking $5,000 for the complete data set, and stating that the data was acquired through the LinkedIn API.

LinkedIn data breach hacker up for sale

However, LinkedIn has emailed us an explanation, stating that not all of the data could have been acquired through the LinkedIn API. Instead, some of the data likely came from other sources.

LinkedIn has even issued a statement here, where they note that their “initial investigation has found that this data was scraped from LinkedIn and other various websites.”

Everything remains up for sale at this time.

Official response from LinkedIn

We have also reached out to LinkedIn for comment on this latest data leak. They have confirmed that the data was scraped from their servers, as well as other sources, but are also claiming that “no private LinkedIn member data was exposed.” And note that the definition of “private data” is surely subjective.

Our teams have investigated a set of alleged LinkedIn data that has been posted for sale. We want to be clear that this is not a data breach and no private LinkedIn member data was exposed. Our initial investigation has found that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in our April 2021 scraping update.

– LinkedIn’s full statement can be found here.

It is important to note that LinkedIn is not denying that data was harvested from their servers. They are simply pointing out that:

  • Some of the data was also obtained from “other various websites”.
  • They do not consider your LinkedIn data that was exposed to be “private”.

So what is the definition of “private data” and what expectation of privacy do you have when you upload data to LinkedIn?

Possible impact of this latest LinkedIn data leak

While this latest LinkedIn leak did not contain any financial records or login credentials, there are still serious consequences. This is because it puts 700+ million people at risk of:

  • identity theft
  • phishing attempts
  • social engineering attacks
  • hacked accounts

Cybercriminals can use the information found in the leaked files with other data in order to create full detailed profiles of their potential victims. Additionally, bad actors can use the available data, particularly usernames, emails, and personal information, to gain access to other accounts.

Above all else, this information exposes LinkedIn users to a higher risk of exploitation by bad actors.

And once your private data is leaked, there’s no getting it back.

Should companies be financially liable when your data is exposed?

This leads us to an interesting question. Should companies be held liable when user data is exploited by bad actors?

In this specific case, it does not appear that LinkedIn servers were hacked or there was a full “breach” in the traditional sense of the term. Instead, however, the data was harvested through LinkedIn’s own API (application program interface) by threat actors.

How much privacy should one really expect on a social networking site?

When others have your data, it puts you at risk

We’ve said it before and we’ll say it again: any business, individual, or entity that has control over your private data puts you at risk. Whether this risk is minimal or vast depends on the data, who is securing it, and the consequences of it being lost.

To minimize this risk, you need to limit the amount of data that is available to others.

This could include getting off of all social networks entirely, or limiting the information you share. Using products and services that don’t harvest your personal information for profit is also crucial. We have reviewed some of the best options with:

  • Secure browsers that respect your privacy and don’t collect your data for advertising networks
  • Secure and private email services that don’t sell access to your inbox or scan your emails and attachments
  • Private search engines that respect your privacy

And of course, you should remain vigilant to all potential attacks while continuing to safeguard your personal information.

Related Articles:

  • Fujitsu Smart City 5G Source Code Leaked Online
  • Uber Suffers New Data Leak After Third-Party Vendor Gets Hacked
Avatar photo

About Alex Lekander

Alex Lekander is the Editor-in-Chief and founder of RestorePrivacy. With a passion for digital privacy and accessible information, he created RestorePrivacy in 2017 to provide you with honest, useful, and up-to-date information about online privacy, security, and related topics.

Previous Post:Cl0p hackers arrested ransomware cybercrimeUkrainian Police Arrest Cl0p Ransomware Suspects Responsible for $500 Million in Damages
Next Post:UPDATED: Here’s What Really Happened with the LimeVPN HackLimeVPN data breach hack

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Sidebar

Follow Us:

  • X
  • Mastodon
  • Facebook

Digital Privacy Essentials:
Secure Browser
Private Search Engines
Secure Email
Best Password Managers
Secure Messaging Services
Best Ad Blockers
Best VPN Services
Secure Cloud Storage

Privacy & Security Guides:
Privacy Tools
Alternatives to Google Products
Firefox Privacy Modifications
Five Eyes, 9 Eyes, 14 Eyes Spying
Browser Fingerprinting
Is Tor Safe?
Alternatives to Gmail
VPN vs Tor
Alternatives to WhatsApp
Is Your Antivirus Spying on You?
Controlling Communication Channels is Crucial for Privacy
Anonymity Networks: VPNs, Tor, and I2P
How to Really Be Anonymous Online
Private and Anonymous Payments

Secure Email Reviews:
ProtonMail Review
Tutanota Review
Mailfence Review
Mailbox.org Review
Hushmail Review
Posteo Review
Fastmail Review
Runbox Review
CTemplar Review
Temporary Email Services
Encrypted Email

Password Manager Reviews:
Bitwarden Review
LastPass Review
KeePass Review
NordPass Review
Dashlane Review
1Password Review
Best Password Managers

Secure Messaging App Reviews:
Wire Review
Signal Review
Threema Review
Telegram Review
Session Review
Wickr Review

Secure Cloud Storage Reviews
Tresorit Review
MEGA Cloud Review
Sync.com Review
Nextcloud Review
IDrive Review
pCloud Review
SpiderOak Review
NordLocker Review

How To Guides
How to Encrypt Files on Windows
How to Encrypt Email
How to Configure Windows 10 for Privacy
How to use Two-Factor Authentication (2FA)
How to Secure Your Android Device for Privacy
How to Secure Your Home Network
How to Protect Yourself Against Identity Theft
How to Unblock Websites
How to Fix WebRTC Leaks
How to Test Your VPN
How to Hide Your IP Address
How to Create Strong Passwords
How to Really Be Anonymous Online

About RestorePrivacy

Contact

About

RestorePrivacy is a digital privacy advocacy group committed to helping you stay safe, secure, and private online. You can support this project through donations, purchasing items through our links (we may earn a commission at no extra cost to you), or sharing this information with others. See our mission here.

  • X
  • Facebook
  • Mastodon

And for cybersecurity news, check out CyberInsider.

Digital privacy Checklist:

  1. Secure browser: Brave or Modified Firefox
  2. VPN: NordVPN (74% off coupon)
  3. Ad blocker: uBlock Origin or AdGuard
  4. Secure email: ProtonMail or StartMail
  5. Secure messaging: Signal or Threema
  6. Private search engine: MetaGer or Brave
  7. Password manager: NordPass or Bitwarden
  8. Identity theft protection: Aura
  9. Data removal service: Incogni

Copyright © 2025 Restore Privacy, LLC · Privacy Policy · Terms of Use · Contact · Sitemap · All Rights Reserved