Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
LinkedIn Data Breach 2012 Case Study
Search
Cecy C.
November 30, 2021
Technology
0
5.1k
LinkedIn Data Breach 2012 Case Study
Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021
Cecy C.
November 30, 2021
Tweet
Share
More Decks by Cecy C.
See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
96
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
160
The Joy of CSS: RailsConf 2019
cecyc
0
170
RubyConf 2018 Psychology of Fake News
cecyc
0
90
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
170
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
110
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.8k
Building APIs with GRPC, PHP, and Golang
cecyc
1
580
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
62
Other Decks in Technology
See All in Technology
東京大学「Agile-X」のFPGA AIデザインハッカソンを制したソニーのAI最適化
sony
0
170
ストレージエンジニアの仕事と、近年の計算機について / 第58回 情報科学若手の会
pfn
PRO
4
910
SRE × マネジメントレイヤーが挑戦した組織・会社のオブザーバビリティ改革 ― ビジネス価値と信頼性を両立するリアルな挑戦
coconala_engineer
0
300
AIとの協業で実現!レガシーコードをKotlinらしく生まれ変わらせる実践ガイド
zozotech
PRO
1
170
How Fast Is Fast Enough? [PerfNow 2025]
tammyeverts
2
160
ソースを読む時の思考プロセスの例-MkDocs
sat
PRO
1
330
Okta Identity Governanceで実現する最小権限の原則
demaecan
0
210
.NET 10のBlazorの期待の新機能
htkym
0
160
SREのキャリアから経営に近づく - Enterprise Risk Managementを基に -
shonansurvivors
1
450
CLIPでマルチモーダル画像検索 →とても良い
wm3
1
640
スタートアップの現場で実践しているテストマネジメント #jasst_kyushu
makky_tyuyan
0
150
RemoteFunctionを使ったコロケーション
mkazutaka
1
150
Featured
See All Featured
Building Flexible Design Systems
yeseniaperezcruz
329
39k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
1.7k
BBQ
matthewcrist
89
9.9k
Faster Mobile Websites
deanohume
310
31k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
34
2.3k
Mobile First: as difficult as doing things right
swwweet
225
10k
What's in a price? How to price your products and services
michaelherold
246
12k
Making the Leap to Tech Lead
cromwellryan
135
9.6k
Building a Scalable Design System with Sketch
lauravandoore
463
33k
The Language of Interfaces
destraynor
162
25k
How to Think Like a Performance Engineer
csswizardry
27
2.2k
Being A Developer After 40
akosma
91
590k
Transcript
Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA
BREACH CASE STUDY
1. The Hack How it happened Tracing & attribution 2.
Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda
Using LinkedIn to Hack LinkedIn A little social engineering
4
5 (dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
7
Food for Thought A look back at Conficker
Hackers always leave a trace Tracing & Attribution
None
Assessing impact Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •
Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
17
Food for Thought What do you think of the verdict?
Current day Where are they now?
20
21
22
Food for Thought Hack or no hack?
Read more at: cecy.dev Thank you!
cecyc
sony
pfn
coconala_engineer
zozotech
tammyeverts
sat
demaecan
htkym
shonansurvivors
wm3
makky_tyuyan
mkazutaka
yeseniaperezcruz
garrettdimon
matthewcrist
deanohume
marcduiker
swwweet
michaelherold
cromwellryan
lauravandoore
destraynor
csswizardry
akosma
