Breach Brief – Was LinkedIn Hacked Again? and Carnival Was Hacked Again!

Published On June 30, 2021 | By Tom Huskerson | Breach Briefs, News and Analysis

No one wants to admit that they have been hacked. Especially a company like LinkedIn that relies on users providing information to them for sharing and safe keeping. So are reports of a massive data breach at LinkedIn reliable and accurate?

Let’s first look at whats being reported. Now according to WeLiveSecurity.com this is the second time this year, hackers scraped data from LinkedIn accounts to the tune of hundreds of millions of LinkedIn users. The data has reportedly been offered for sale on a hacking forum. This time the load of user data topped the haul of 500 million LinkedIn user accounts  put up for sale in April of this year. Try 700 million users!

Privacy Sharks broke the news that someone going by the moniker “GODUserTomLiner” offered the 700 million accounts on a popular hacking forum on June 22nd. Now this person claiming he has pretty much the entire LinkedIn userbase. If this true then LinkedIn cannot be happy!

“GODUserTomLiner” offered up a sample of 1 million records to prove he was for real. That data was analyzed by a Privacy Sharks team and they verified that the uploaded sample was indeed genuine LinkedIn data that included full names, gender, email addresses, phone numbers, and information about the users’ professional experience.

So how did this happen? According to RestorePrivacy this was a repeat performance of the breach back in April. The hacker apparently misused the official LinkedIn API to download the data.

So what does LinkedIn have to say? As part of their denial LinkedIn provided the following statement;

“While we’re still investigating this issue, our initial analysis indicates that the data set includes information scraped from LinkedIn as well as information obtained from other sources. This was not a LinkedIn data breach and our investigation has determined that no private LinkedIn member data was exposed. Scraping data from LinkedIn is a violation of our Terms of Service and we are constantly working to ensure our members’ privacy is protected.”

Carnival Cruise

Most people only know Carnival Cruise for its cruise ship business but in reality it is a is a major corporation encompassing numerous industries and services. But reports are that the Cruise line was hit by a major data breach exposing many private details of both passengers and employees. What is really frightening is that the dat stolen included passport information, email addresses, and even social security numbers. You can always tell how bad a data breach is by the behavior of the company involved. In this case Carnival Corp has refused to give even an estimate of how many people have been affected by the leak. This does not look good and the stock price dropped significantly.

Like LinkedIn this is not the first time that Carnival has been hit with a major data breach. Try four times in the past 15 months! Each time the attack was slightly different but four times in 15 months is evidence that that their cyber security sucks! 

In this attack the hackers encrypted part of a cruise line’s systems, then accessed the private information of customers and employees. Carnival Cruise has also refused to say whether or not it’s paid a ransom for the information, but make no mistake this was definitely a ransomware attack.

 

Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. Tom attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has also written both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and EbonyCandle.com. Tom is not the chief editor for the OnTechStreet. com. A news and information blog that focuses on tech news for African-Americans. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Comments are closed.