Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
LinkedIn Data Breach 2012 Case Study
Search
Cecy C.
November 30, 2021
Technology
0
5.1k
LinkedIn Data Breach 2012 Case Study
Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021
Cecy C.
November 30, 2021
Tweet
Share
More Decks by Cecy C.
See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
100
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
160
The Joy of CSS: RailsConf 2019
cecyc
0
170
RubyConf 2018 Psychology of Fake News
cecyc
0
93
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
180
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
120
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.9k
Building APIs with GRPC, PHP, and Golang
cecyc
1
590
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
65
Other Decks in Technology
See All in Technology
ファインディの横断SREがTakumi byGMOと取り組む、セキュリティと開発スピードの両立
rvirus0817
1
1.3k
AI駆動開発を事業のコアに置く
tasukuonizawa
1
130
クレジットカード決済基盤を支えるSRE - 厳格な監査とSRE運用の両立 (SRE Kaigi 2026)
capytan
6
2.7k
Agile Leadership Summit Keynote 2026
m_seki
1
570
データ民主化のための LLM 活用状況と課題紹介(IVRy の場合)
wxyzzz
2
700
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
10k
OCI Database Management サービス詳細
oracle4engineer
PRO
1
7.4k
What happened to RubyGems and what can we learn?
mikemcquaid
0
250
usermode linux without MMU - fosdem2026 kernel devroom
thehajime
0
230
プロポーザルに込める段取り八分
shoheimitani
1
190
20260204_Midosuji_Tech
takuyay0ne
1
140
変化するコーディングエージェントとの現実的な付き合い方 〜Cursor安定択説と、ツールに依存しない「資産」〜
empitsu
4
1.3k
Featured
See All Featured
Amusing Abliteration
ianozsvald
0
97
Information Architects: The Missing Link in Design Systems
soysaucechin
0
770
What's in a price? How to price your products and services
michaelherold
247
13k
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
akihiro_kokubo
PRO
66
36k
The Cult of Friendly URLs
andyhume
79
6.8k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
750
Abbi's Birthday
coloredviolet
1
4.7k
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
aleyda
1
1.9k
Why Mistakes Are the Best Teachers: Turning Failure into a Pathway for Growth
auna
0
51
Context Engineering - Making Every Token Count
addyosmani
9
650
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.8k
Making the Leap to Tech Lead
cromwellryan
135
9.7k
Transcript
Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA
BREACH CASE STUDY
1. The Hack How it happened Tracing & attribution 2.
Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda
Using LinkedIn to Hack LinkedIn A little social engineering
4
5 (dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
7
Food for Thought A look back at Conficker
Hackers always leave a trace Tracing & Attribution
None
Assessing impact Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •
Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
17
Food for Thought What do you think of the verdict?
Current day Where are they now?
20
21
22
Food for Thought Hack or no hack?
Read more at: cecy.dev Thank you!
cecyc
rvirus0817
tasukuonizawa
capytan
m_seki
wxyzzz
fullkaiten
oracle4engineer
mikemcquaid
thehajime
shoheimitani
takuyay0ne
empitsu
ianozsvald
soysaucechin
michaelherold
akihiro_kokubo
andyhume
bluesmoon
coloredviolet
aleyda
auna
addyosmani
reverentgeek
cromwellryan
