Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
LinkedIn Data Breach 2012 Case Study
Search
Cecy C.
November 30, 2021
Technology
0
5.1k
LinkedIn Data Breach 2012 Case Study
Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021
Cecy C.
November 30, 2021
Tweet
Share
More Decks by Cecy C.
See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
94
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
160
The Joy of CSS: RailsConf 2019
cecyc
0
170
RubyConf 2018 Psychology of Fake News
cecyc
0
86
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
150
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
97
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.8k
Building APIs with GRPC, PHP, and Golang
cecyc
1
580
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
61
Other Decks in Technology
See All in Technology
サービスを止めるな! DDoS攻撃へのスマートな備えと最前線の事例
coconala_engineer
1
180
Snowflake Intelligenceという名のAI Agentが切り開くデータ活用の未来とその実現に必要なこと@SnowVillage『Data Management #1 Summit 2025 Recap!!』
ryo_suzuki
1
160
Amazon SNSサブスクリプションの誤解除を防ぐ
y_sakata
3
190
Contract One Engineering Unit 紹介資料
sansan33
PRO
0
6.9k
ABEMAの本番環境負荷試験への挑戦
mk2taiga
5
1.3k
SREのためのeBPF活用ステップアップガイド
egmc
2
1.3k
「現場で活躍するAIエージェント」を実現するチームと開発プロセス
tkikuchi1002
3
350
クラウド開発の舞台裏とSRE文化の醸成 / SRE NEXT 2025 Lunch Session
kazeburo
1
590
Amplify Gen2から知るAWS CDK Toolkit Libraryの使い方/How to use the AWS CDK Toolkit Library as known from Amplify Gen2
fossamagna
1
350
Autify Company Deck
autifyhq
2
44k
United™️ Airlines®️ Customer®️ USA Contact Numbers: Complete 2025 Support Guide
flyunitedguide
0
800
対話型音声AIアプリケーションの信頼性向上の取り組み
ivry_presentationmaterials
3
1.1k
Featured
See All Featured
A better future with KSS
kneath
238
17k
Git: the NoSQL Database
bkeepers
PRO
430
65k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
34
5.9k
Product Roadmaps are Hard
iamctodd
PRO
54
11k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
8
340
Optimizing for Happiness
mojombo
379
70k
Building an army of robots
kneath
306
45k
Building Flexible Design Systems
yeseniaperezcruz
328
39k
Why Our Code Smells
bkeepers
PRO
337
57k
KATA
mclloyd
30
14k
The Power of CSS Pseudo Elements
geoffreycrofte
77
5.9k
The Pragmatic Product Professional
lauravandoore
35
6.7k
Transcript
Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA
BREACH CASE STUDY
1. The Hack How it happened Tracing & attribution 2.
Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda
Using LinkedIn to Hack LinkedIn A little social engineering
4
5 (dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
7
Food for Thought A look back at Conficker
Hackers always leave a trace Tracing & Attribution
None
Assessing impact Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •
Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
17
Food for Thought What do you think of the verdict?
Current day Where are they now?
20
21
22
Food for Thought Hack or no hack?
Read more at: cecy.dev Thank you!
cecyc
coconala_engineer
ryo_suzuki
y_sakata
sansan33
mk2taiga
egmc
tkikuchi1002
kazeburo
fossamagna
autifyhq
flyunitedguide
ivry_presentationmaterials
kneath
bkeepers
kevinliebholz
iamctodd
tammyeverts
mojombo
yeseniaperezcruz
mclloyd
geoffreycrofte
lauravandoore
