linkedin.com must have had a data breach

May. 12th, 2012 01:53 pm
ewx: (red robot (waving arms))
[personal profile] ewx

I routinely use unique addresses for website logins; there are a variety of advantages to this but among them is that when you receive something like this:

  Received: from [113.167.251.41] ([113.167.251.41])
  	  by chiark.greenend.org.uk (SAUCE v0.9.0)
            with smtp id sauce-11056-1336764-1; 11 May 2012 19:33:27 +0000 (GMT)
  Date: Sat, 12 May 2012 02:33:04 +0700
  Message-ID: <864617726080.80008218807247@alsabahgroup.org>
  From: Dice Stars <qmabsjqbkks@alsabahgroup.org>
  To: <the address I gave to linkedin>
  Subject: =?iso-8859-1?Q?Start_winning_big_with_our_generous_welcome_bonus_at_Dice?=
  	=?iso-8859-1?Q?_Stars_Casino!?=
  MIME-Version: 1.0
  Content-Type: text/plain; charset=iso-8859-1
  Content-Transfer-Encoding: quoted-printable
  X-Warning: 113.167.251.41 is listed at zen.spamhaus.org

  The Dice Stars is a great place to play casino games.

  With a welcome bonus of 300=25 on offer for new players this is the place=
   to rack up some quick cash.

  Deposit 100 EUR/USD and get 300 EUR/USD totally free!

  Start playing today to win the big bucks.

  http://<url redacted>

…you know who screwed up.

Tags:
Flat | Top-Level Comments Only

(no subject)

Date: 2012-05-12 01:23 pm (UTC)
From: [identity profile] pndc.livejournal.com
Would the address have been linkedin@your-domain? Because a dictionary attack will find that.

(no subject)

Date: 2012-05-12 01:26 pm (UTC)
ext_8103: (Default)
From: [identity profile] ewx.livejournal.com
No, much less guessable than that.

(no subject)

Date: 2012-05-12 01:40 pm (UTC)
From: [identity profile] geekette8.livejournal.com
...or, somebody who corresponded with you through LinkedIn uses Outlook and visited a dodgy site that harvested their address book.

(no subject)

Date: 2012-05-12 01:46 pm (UTC)
ext_8103: (Default)
From: [identity profile] ewx.livejournal.com
That would be, er, nobody. Or rather, one or two people have contacted me through it but any replies wouldn’t use the address that I gave to linkedin, which amounts to the same thing.

(no subject)

Date: 2012-05-12 04:28 pm (UTC)
gerald_duck: (ascii)
From: [personal profile] gerald_duck
Oh! Unique e-mail addresses!

For a moment I thought you meant unique IP addresses, and was about to say that the depletion of IPv4 addresses was all your fault. :-p

(no subject)

Date: 2012-05-12 04:35 pm (UTC)
ext_8103: (Default)
From: [identity profile] ewx.livejournal.com
I’m reasonably sure I’m in the clear on that one, I have just one globally routable address and even that’s at the whim of Virgin Media.

(no subject)

Date: 2012-05-13 07:17 pm (UTC)
From: [identity profile] perdita-fysh.livejournal.com
I do the same and find it quite disappointing that when you let even quite large and significant organisations know that they've allowed email addresses into the wild, they just don't care.

Me too.

Date: 2012-05-14 09:57 am (UTC)
From: (Anonymous)
I'm also getting spam via e-mail addresses I registered on LinkedIn. I have two accounts. One account is "real" and with an e-mail address which may or may not have been compromised via other routes.

However, the second account is one I set up ages ago for testing API functions on LinkedIn (as I didn't want to destroy my actual account). It has no connections and has done very little besides post some updates of "test" a year or so ago. The e-mail address associated with it is unlikely to be guessed.

Both of them started getting spam at the same time; first from Dice Stars and then from other Casino based organisations.
Flat | Top-Level Comments Only

Profile

ewx: (Default)
Richard Kettlewell
https://www.greenend.org.uk/rjk/

November 2025

S M T W T F S
      1
2345678
91011121314 15
1617 181920 2122
23242526272829
30      

Most Popular Tags

Active Entries

Expand Cut Tags

No cut tags
Top of page