HIGH SEVERITY

LinkedIn Data Breach

LinkedIn Professional Network Data Scrape (2021): 400 Million Public Profile Records Including Phone, Job Title & Home Address Sold Online

Professional networking platform.

Verified by ObscureIQ Intelligence

X in f @

7.5Severity

400.1MRecords

9Fields

2021Year

ObscureIQ Breach Intelligence Scores

1.3

Breach Risk Index

Data Value

Market Recency

512

days

Since Breach

⚡ Risk Interpretation

High risk of spearphishing, impersonation, and business relationship mapping. Employment and network data make targeted scams, executive targeting, and BEC-style attacks much more effective.

🎯 Impact & Downstream Threats

The 2021 LinkedIn incident is best described as a large scraping event, not a conventional internal system breach. Public reporting from HIBP says attackers scraped data from hundreds of millions of public profiles and monetized it later, while LinkedIn’s public position was that the dataset was an aggregation of data from multiple sources and did not expose private member account data. Even so, the exposure was still significant because it packaged names, emails, job titles, locations, and rela

Primary downstream threats:

SIM swap attacks where phone numbers are present
Targeted phishing campaigns using exposed email addresses
Doxxing risk from physical address exposure
Employment-based social engineering using job and employer data
Social media account targeting and impersonation

🔓 Threat Vectors

Credential fraud & spear-phishing

Phishing, credential stuffing & account takeover

Name-based social engineering

Profile enrichment

Pattern-of-life analysis & physical surveillance

Vishing & authority impersonation

SIM swapping, vishing & SMS phishing

Physical stalking, mail fraud & identity verification

Home targeting, stalking & physical threat

Account impersonation & social graph harvesting

📋 Breach Intelligence

EntityLinkedIn

OrganizationPublic Company • USA / Global

Breach Date2021-04-08

DBC Added2024-12-01

Added Date2024-12-01

Records~400.1M (400,100,434 records)

Attack VectorMisconfiguration

Data SubjectsUser

Breach PathwayScrape

SourceHave I Been Pwned / DataBreach.com / ObscureIQ ↗

SensitivityStandard

Breach ID799;800

StatusConfirmed

📝 Executive Summary

LinkedIn suffered one of the largest professional profile exposures on record when attackers scraped data from approximately 400 million user accounts in early 2021 and sold the aggregated dataset on hacker forums. The incident was not a conventional database breach. Instead, attackers harvested publicly visible profile information, likely through automated access to LinkedIn's platform and APIs, in violation of the platform's terms of service. LinkedIn stated that the dataset drew from multiple sources and did not expose private account data, though the scale and sensitivity of what was compiled told a different story. The exposed data included names, email addresses, phone numbers, job titles, geographic locations, education history, genders, and links to social media profiles. Phone numbers and home addresses are not typically public on LinkedIn, raising concerns that some fields were extracted through API enumeration rather than simple profile scraping. Packaged together, this information creates a detailed professional identity profile for hundreds of millions of people, ready-made for targeted phishing, impersonation, fraud pretexting, and business relationship mapping at scale. LinkedIn filed a federal lawsuit in February 2022 against Mantheos Pte. Ltd., a Singapore-based company accused of scraping and reselling member data. The case settled in May 2022. Mantheos agreed to a permanent restraint from the practice but admitted no liability and paid no monetary compensation. No broad regulatory action was publicly reported. Affected individuals face elevated risk of spearphishing, executive-targeted scams, and business email compromise attacks, since the dataset gives bad actors detailed context to craft convincing, personalized outreach.

🏢 About LinkedIn

LinkedIn is a professional networking platform centered on work identity, career history, recruiting, business relationships, and professional publishing. Since Microsoft acquired it in 2016, it has operated as a large-scale employment and professional graph that serves job seekers, recruiters, advertisers, sales teams, and enterprise customers.

Platform | Professional networking and recruiting | Social platform + hiring marketplace | Global

Public CompanyUSA / Globallinkedin.com

🗂 Why They Hold Your Data

Professional networking platforms collect identity, employment history, education, contact details, social connections, messaging, recruiting activity, and behavioral engagement data across career and hiring workflows.

📰 Recent Developments

LinkedIn continues to position itself as a major AI-enabled talent and professional platform. Public materials and recent Microsoft disclosures point to ongoing product investment around recruiting, learning, and AI-related career tools, while Microsoft reported LinkedIn revenue growth and record engagement in FY25 Q2.

🔍 Data Points Exposed

9 verified field types:

Phone Number

Name

Home Address;Education levels

Genders

Geographic locations

Job titles

Names

Social media profiles

Exposure Categories

LocationPHYS ADDR | GEO LOCS

EmploymentJOB INFO

Canonical Fields

education_information, email_address, full_name, gender, geographic_locations, job_information:job_title, phone_number, physical_address:home, social_media_profile