Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
LinkedIn Data Breach 2012 Case Study
Search
Cecy C.
November 30, 2021
Technology
0
5.1k
LinkedIn Data Breach 2012 Case Study
Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021
Cecy C.
November 30, 2021
Tweet
Share
More Decks by Cecy C.
See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
96
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
160
The Joy of CSS: RailsConf 2019
cecyc
0
170
RubyConf 2018 Psychology of Fake News
cecyc
0
90
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
170
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
110
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.8k
Building APIs with GRPC, PHP, and Golang
cecyc
1
580
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
62
Other Decks in Technology
See All in Technology
コンパウンド組織のCRE #cre_meetup
layerx
PRO
1
270
serverless team topology
_kensh
3
230
20251027_マルチエージェントとは
almondo_event
1
450
Zero Trust DNS でより安全なインターネット アクセス
murachiakira
0
100
AI時代、“平均値”ではいられない
uhyo
8
2.6k
スタートアップの現場で実践しているテストマネジメント #jasst_kyushu
makky_tyuyan
0
130
QA業務を変える(!?)AIを併用した不具合分析の実践
ma2ri
0
150
Open Table Format (OTF) が必要になった背景とその機能 (2025.10.28)
simosako
2
330
AIでデータ活用を加速させる取り組み / Leveraging AI to accelerate data utilization
okiyuki99
1
630
From Natural Language to K8s Operations: The MCP Architecture and Practice of kubectl-ai
appleboy
0
240
OTEPsで知るOpenTelemetryの未来 / Observability Conference Tokyo 2025
arthur1
0
260
Azure Well-Architected Framework入門
tomokusaba
1
130
Featured
See All Featured
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
36
6.1k
Art, The Web, and Tiny UX
lynnandtonic
303
21k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.2k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
49
3.1k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
16
1.7k
A Modern Web Designer's Workflow
chriscoyier
697
190k
Facilitating Awesome Meetings
lara
57
6.6k
Building Applications with DynamoDB
mza
96
6.7k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.5k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
130k
KATA
mclloyd
PRO
32
15k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
10
620
Transcript
Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA
BREACH CASE STUDY
1. The Hack How it happened Tracing & attribution 2.
Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda
Using LinkedIn to Hack LinkedIn A little social engineering
4
5 (dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
7
Food for Thought A look back at Conficker
Hackers always leave a trace Tracing & Attribution
None
Assessing impact Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •
Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
17
Food for Thought What do you think of the verdict?
Current day Where are they now?
20
21
22
Food for Thought Hack or no hack?
Read more at: cecy.dev Thank you!