The world’s largest professional network LinkedIn faces a probe by the Italian privacy watchdog following a leak of users’ personal data, including names and phone numbers, according to a report.
The Italian authority said in a statement that it started an investigation after “the dissemination of user data, including IDs, full names, email addresses, telephone numbers”, according to Bloomberg.
The regulator warned that anyone getting hold of such data and using it could face sanctions. It said Italy has one of the highest number of subscribers to LinkedIn in Europe and called on affected users to “pay particular attention to any anomalies” related to their phone number and their account.
Microsoft-owned LinkedIn did not immediately respond to an email seeking comment.
On Tuesday, data from more than half a billion LinkedIn profiles was put up for sale on a virtual hacking forum, reported an online publication CyberNews.
"The heart of the issue in the reported LinkedIn data leak is that the bad guys are getting better at this and at a faster rate than the good guys. The gap is growing in an accelerated way … it's like seeing a Tesla racing against someone on bicycle," Sam Curry, chief security officer at Boston-based cyber security firm Cybereason, told The National.
“While LinkedIn doesn’t appear to have responded with any official comments, they should default to transparency and helping the users and customers. With great power, comes great responsibility,” he added.
The Italian move comes after Ireland’s privacy authority said it was looking into a leak over the weekend of the personal data of more than half a billion Facebook subscribers.
Last Saturday, personal data of more than 533 million Facebook users was available for free download on an online hacking forum.
The trove of confidential information, which was first leaked in 2019, contained users’ personal information such as usernames, phone numbers, marital status, locations, birth dates, email addresses and in some cases complete bios of users.
"This [LinkedIn's leak] is a similar story to Facebook," Morey Haber, chief technology officer and chief information security officer at Georgia-based BeyondTrust, told The National.
"It is unknown whether the leaked data is new or old, and if someone publicly publishes their phone number, all of the information that is listed in this leak can be scraped from the public profiles," added Mr Haber.