Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
LinkedIn Data Breach 2012 Case Study
Search
Cecy C.
November 30, 2021
Technology
0
5.1k
LinkedIn Data Breach 2012 Case Study
Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021
Cecy C.
November 30, 2021
Tweet
Share
More Decks by Cecy C.
See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
100
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
160
The Joy of CSS: RailsConf 2019
cecyc
0
170
RubyConf 2018 Psychology of Fake News
cecyc
0
93
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
180
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
120
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.9k
Building APIs with GRPC, PHP, and Golang
cecyc
1
590
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
65
Other Decks in Technology
See All in Technology
Agile Leadership Summit Keynote 2026
m_seki
1
550
データの整合性を保ちたいだけなんだ
shoheimitani
8
3k
2026年、サーバーレスの現在地 -「制約と戦う技術」から「当たり前の実行基盤」へ- /serverless2026
slsops
2
220
Introduction to Sansan for Engineers / エンジニア向け会社紹介
sansan33
PRO
6
68k
GitLab Duo Agent Platform × AGENTS.md で実現するSpec-Driven Development / GitLab Duo Agent Platform × AGENTS.md
n11sh1
0
130
ZOZOにおけるAI活用の現在 ~開発組織全体での取り組みと試行錯誤~
zozotech
PRO
5
4.9k
外部キー制約の知っておいて欲しいこと - RDBMSを正しく使うために必要なこと / FOREIGN KEY Night
soudai
PRO
12
5k
マーケットプレイス版Oracle WebCenter Content For OCI
oracle4engineer
PRO
5
1.5k
Deno・Bunの標準機能やElysiaJSを使ったWebSocketサーバー実装 / ラーメン屋を貸し切ってLT会! IoTLT 2026新年会
you
PRO
0
300
20260204_Midosuji_Tech
takuyay0ne
1
140
顧客の言葉を、そのまま信じない勇気
yamatai1212
1
340
プロポーザルに込める段取り八分
shoheimitani
1
180
Featured
See All Featured
How To Speak Unicorn (iThemes Webinar)
marktimemedia
1
380
The browser strikes back
jonoalderson
0
360
How to audit for AI Accessibility on your Front & Back End
davetheseo
0
180
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
659
61k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.4k
Done Done
chrislema
186
16k
Abbi's Birthday
coloredviolet
1
4.7k
Navigating Team Friction
lara
192
16k
Building the Perfect Custom Keyboard
takai
2
680
Measuring & Analyzing Core Web Vitals
bluesmoon
9
750
A Modern Web Designer's Workflow
chriscoyier
698
190k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
249
1.3M
Transcript
Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA
BREACH CASE STUDY
1. The Hack How it happened Tracing & attribution 2.
Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda
Using LinkedIn to Hack LinkedIn A little social engineering
4
5 (dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
7
Food for Thought A look back at Conficker
Hackers always leave a trace Tracing & Attribution
None
Assessing impact Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •
Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
17
Food for Thought What do you think of the verdict?
Current day Where are they now?
20
21
22
Food for Thought Hack or no hack?
Read more at: cecy.dev Thank you!
cecyc
m_seki
shoheimitani
slsops
sansan33
n11sh1
zozotech
soudai
oracle4engineer
you
takuyay0ne
yamatai1212
marktimemedia
jonoalderson
davetheseo
lemiorhan
sergeychernyshev
chrislema
coloredviolet
lara
takai
bluesmoon
chriscoyier
sugarenia
