Attackers scraping data from LinkedIn
Unknown attackers have been scraping large volumes of data from enterprise social media platform LinkedIn since December 2015, the company revealed in a lawsuit filed last week.
The filing states that the attackers have been using bots to extract and copy data from many LinkedIn pages, causing a significant strain on LinkedIn network services and forcing the company to expend time and money to investigate and respond.
To achieve the data collection, the attackers have intentionally circumvented several technical barriers the company uses to prevent mass automated scraping, violating the user agreement as well as several federal and state US laws.
But LinkedIn stressed that the data being collected is not confidential, so the activity should be considered an attack and not a data breach.
LinkedIn has filed the lawsuit with the aim of identifying the attackers and obtaining a permanent injunction halting the conduct. It hopes to achieve this by serving third-party discovery notices to various ISPs and networks.
The company said it is also entitled to compensatory damages as a result of the attack.
LinkedIn has 400 million members in more than 200 countries and territories, including 128 million from the US, the filing states. Microsoft recently arranged to acquire the social network for US$26.2 billion ($34.2 billion).
Scattered Spider: where every click is one step closer to chaos
Cybercriminal group Scattered Spider often uses social engineering to gain access to identities...
The MediSecure breach thrusts the security spotlight back on service providers
Organisations have been confronting security risks in their supply chains for years, but a new...
Managing third-party cybersecurity risks in the supply chain
Third-party cybersecurity breaches occur when the victim's defences are compromised through a...