Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
LinkedIn Data Breach 2012 Case Study
Search
Cecy C.
November 30, 2021
Technology
0
5.1k
LinkedIn Data Breach 2012 Case Study
Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021
Cecy C.
November 30, 2021
Tweet
Share
More Decks by Cecy C.
See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
94
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
160
The Joy of CSS: RailsConf 2019
cecyc
0
160
RubyConf 2018 Psychology of Fake News
cecyc
0
86
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
150
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
95
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.8k
Building APIs with GRPC, PHP, and Golang
cecyc
1
570
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
61
Other Decks in Technology
See All in Technology
Prox Industries株式会社 会社紹介資料
proxindustries
0
280
MySQL5.6から8.4へ 戦いの記録
kyoshidaxx
1
200
Model Mondays S2E02: Model Context Protocol
nitya
0
220
生成AI活用の組織格差を解消する 〜ビジネス職のCursor導入が開発効率に与えた好循環〜 / Closing the Organizational Gap in AI Adoption
upamune
1
810
製造業からパッケージ製品まで、あらゆる領域をカバー!生成AIを利用したテストシナリオ生成 / 20250627 Suguru Ishii
shift_evolve
PRO
1
140
OpenHands🤲にContributeしてみた
kotauchisunsun
1
430
LinkX_GitHubを基点にした_AI時代のプロジェクトマネジメント.pdf
iotcomjpadmin
0
170
mrubyと micro-ROSが繋ぐロボットの世界
kishima
2
250
20250625 Snowflake Summit 2025活用事例 レポート / Nowcast Snowflake Summit 2025 Case Study Report
kkuv
1
310
Postman AI エージェントビルダー最新情報
nagix
0
110
Understanding_Thread_Tuning_for_Inference_Servers_of_Deep_Models.pdf
lycorptech_jp
PRO
0
120
エンジニア向け技術スタック情報
kauche
1
250
Featured
See All Featured
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
29
9.5k
Code Review Best Practice
trishagee
68
18k
Building a Scalable Design System with Sketch
lauravandoore
462
33k
For a Future-Friendly Web
brad_frost
179
9.8k
GitHub's CSS Performance
jonrohan
1031
460k
Build The Right Thing And Hit Your Dates
maggiecrowley
36
2.8k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.9k
Facilitating Awesome Meetings
lara
54
6.4k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
130
19k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
The Power of CSS Pseudo Elements
geoffreycrofte
77
5.8k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.7k
Transcript
Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA
BREACH CASE STUDY
1. The Hack How it happened Tracing & attribution 2.
Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda
Using LinkedIn to Hack LinkedIn A little social engineering
4
5 (dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
7
Food for Thought A look back at Conficker
Hackers always leave a trace Tracing & Attribution
None
Assessing impact Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •
Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
17
Food for Thought What do you think of the verdict?
Current day Where are they now?
20
21
22
Food for Thought Hack or no hack?
Read more at: cecy.dev Thank you!
cecyc
proxindustries
kyoshidaxx
nitya
upamune
shift_evolve
kotauchisunsun
iotcomjpadmin
kishima
kkuv
nagix
lycorptech_jp
kauche
eileencodes
trishagee
lauravandoore
brad_frost
jonrohan
maggiecrowley
kastner
lara
morganepeng
wjessup
geoffreycrofte
danielanewman
