Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
LinkedIn Data Breach 2012 Case Study
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Cecy C.
November 30, 2021
Technology
0
5.1k
LinkedIn Data Breach 2012 Case Study
Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021
Cecy C.
November 30, 2021
Tweet
Share
More Decks by Cecy C.
See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
100
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
170
The Joy of CSS: RailsConf 2019
cecyc
0
170
RubyConf 2018 Psychology of Fake News
cecyc
0
93
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
180
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
120
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.9k
Building APIs with GRPC, PHP, and Golang
cecyc
1
590
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
65
Other Decks in Technology
See All in Technology
ソフトウェアアーキテクトのための意思決定術: Create Decision Readiness—The Real Skill Behind Architectural Decision
snoozer05
PRO
27
8.2k
マネージャー版 "提案のレベル" を上げる
konifar
7
2.5k
AI Agentにおける評価指標とAgent GPA
tsho
1
270
競争優位を生み出す戦略的内製開発の実践技法
masuda220
PRO
2
530
Datadog Cloud Cost Management で実現するFinOps
taiponrock
PRO
0
100
パネルディスカッション資料 (at Tableau Now! - 2026-02-26)
yoshitakaarakawa
0
1k
三菱UFJ銀行におけるエンタープライズAI駆動開発のリアル / Enterprise AI_Driven Development at MUFG Bank: The Real Story
muit
10
20k
What's new in Go 1.26?
ciarana
2
280
OCI技術資料 : 外部接続 VPN接続 詳細
ocise
1
10k
Snowflake Night #2 LT
taromatsui_cccmkhd
0
310
ヘルシーSRE
tk3fftk
2
220
オンプレとGoogle Cloudを安全に繋ぐための、セキュア通信の勘所
waiwai2111
3
1.1k
Featured
See All Featured
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
287
14k
JAMstack: Web Apps at Ludicrous Speed - All Things Open 2022
reverentgeek
1
380
Hiding What from Whom? A Critical Review of the History of Programming languages for Music
tomoyanonymous
2
480
Ecommerce SEO: The Keys for Success Now & Beyond - #SERPConf2024
aleyda
1
1.8k
Stop Working from a Prison Cell
hatefulcrawdad
274
21k
The Art of Programming - Codeland 2020
erikaheidi
57
14k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
333
22k
We Are The Robots
honzajavorek
0
190
How GitHub (no longer) Works
holman
316
140k
End of SEO as We Know It (SMX Advanced Version)
ipullrank
3
4k
Statistics for Hackers
jakevdp
799
230k
Google's AI Overviews - The New Search
badams
0
930
Transcript
Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA
BREACH CASE STUDY
1. The Hack How it happened Tracing & attribution 2.
Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda
Using LinkedIn to Hack LinkedIn A little social engineering
4
5 (dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
7
Food for Thought A look back at Conficker
Hackers always leave a trace Tracing & Attribution
None
Assessing impact Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •
Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
17
Food for Thought What do you think of the verdict?
Current day Where are they now?
20
21
22
Food for Thought Hack or no hack?
Read more at: cecy.dev Thank you!
cecyc
snoozer05
konifar
tsho
masuda220
taiponrock
yoshitakaarakawa
muit
ciarana
ocise
taromatsui_cccmkhd
tk3fftk
waiwai2111
stephaniewalter
reverentgeek
tomoyanonymous
aleyda
hatefulcrawdad
erikaheidi
caitiem20
honzajavorek
holman
ipullrank
jakevdp
badams
