LinkedIn Breach

In early 2021, LinkedIn encountered a significant data scraping incident where attackers harvested publicly available user profile information and subsequently sold it online. While this event did not involve a breach of private data, the exposed information, including names, email addresses, phone numbers, job titles, and other professional details, was aggregated and monetized in hacker forums.

LinkedIn addressed the situation publicly, clarifying that the data was scraped from its platform and other websites, emphasizing that no private member account data was exposed. The company stated that scraping data from LinkedIn violates its terms of service and that it works to prevent such misuse of member data.

Regarding legal actions, LinkedIn has taken steps to protect its platform and user data. In February 2022, LinkedIn filed a federal lawsuit against Mantheos Ptd. Ltd, a Singapore-based company accused of scraping and selling customer data. The lawsuit was settled in May 2022, with Mantheos agreeing to be permanently restrained and barred from the practice. The settlement did not include any monetary compensation, and Mantheos did not admit to any liability but did admit to gathering member data from LinkedIn.