LinkedIn is refusing to take full responsibility of the latest hack, after comprising the personal information of over 700,000 million users. If you have an account with the professional, career social media site, there is a chance your information was hacked and placed up for sale.
Consumer Affairs reported on June 20, that hackers sold data and personal information of approximately 93 percent of LinkedIn users online. One major question is, how could LinkedIn let it happen again this year, after the hack in April that jeopardized about 500,000 users? The big tech company blames scraping and not a data breach for both hackings.
On the company’s website, there is a statement saying that it was a combination of data from several websites and companies. LinkedIn admitted what was on the social media platform included publicly member profile data that appears scraped from its website. Because scraping violates their service terms, the only action taken is holding the hackers accountable for the scrapes. It is not a data breach says LinkedIn.
Personal and professional information hackers may possibly have about you
- First and Last Names
- Physical Address
- Telephone and/or Mobile Phone Numbers
- Email Address
- Professional Experience/Background
- Username for LinkedIn
- Geolocation Records
For as users’ financial data and login credentials, it did not appear the information was a part of the LinkedIn breach. Although this information was not involved in the leak, hundreds of thousands of people are at risk of identity theft, account hacks, and phishing challenges.
Consumers have the right to data privacy and security, requiring the government on a federal and/or state level to regulate big techs. To date, there are no federal regulations of the internet and the technology industry, only self-governance operated by the internet system. The latest legislature introduced the Information Transparency and Personal Data Control Act to 116th Congress for 2019-2020 and to 117th Congress for 2021-2020.
How the Information Transparency and Person Data Control Act Provides Protection
Under the Act introduced in April 2019, the Federal Trade Commission (FTC) must require controllers, such as LinkedIn, having access to users’ personal information to:
- Provide a data use policy to consumers.
- Receive permission to collect and share a user’s personal information and data.
- Receive a yearly privacy audit that analyzes the adequacy of the controller’s data privacy and security control.
Data privacy and protection of personal information at a federal level have their complexities, technical issues, and deficiency of regularity. FTC requires controllers to make accessible to users the option of opting-out or opting-in to share collected data submitted on their websites. They must be more transparent about how they use consumers’ information.
The Do Not Track Act, Section 1578 requires the implementation of a system that allows consumers to opt-out of tracking. Big Tech companies will stand accountable and receive punishment for disregarding the opting selections of their users. In March 2021, 117th Congress received an introduction to the bill for 2021-2022 providing consumer privacy protection.
It gives consumers control of their data and ensures user’s personal data and information pertaining to children under the age of 13 receive protection. FTC requires Big Tech entities and controllers collecting, processing, selling, sharing with third parties, and storing sensitive data to affirm, opt-in, and express permission.
You as a user of LinkedIn must receive an updated policy regarding the transparency and use of your data, privacy, and data. Violations of the Information Transparency and Personal Data Control Act can result in legal actions by the attorney generals of US States. An attorney general can file a lawsuit on behalf of residents in a State in the US District Court.
What you can do if you believe your information and data on LinkedIn was comprised?
You should notify LinkedIn immediately and report that you believe there is comprising of your data and information. If you are unable to access your account, LinkedIn have a Reporting Your Hacked Account form you must complete and submit. It is helpful to include your profile’s URL.
Change your password as soon as you can access your account. For added security, turn on the two-step verification to receive authorized access.
Look at your active sessions to see a device or login. If you do not recognize the session, sign out of it, and change your password. Make sure your email addresses and phone numbers are up-to-date and secured.
LinkedIn released information that there were no leaking of financial data and personal login credentials, a huge relief for users. They are not taking full responsibility of the hacking, while RestorePrivacy believes the data breach placed millions of users at risk.
As the legal framework governing social media sites and big tech companies continues to grow in states and federally, accountability is inevitable. LinkedIn is covering their end and provides steps for users to file a report of possible hackings to their accounts. Restrictions on scraping and holding hackers accountable may save the Big Tech from hefty fines and lawsuits filed in the US District Court.