LinkedIn Data Breach 2012 Case Study
Cecy C.
November 30, 2021
Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021
Transcript
LINKEDIN 2012 DATA BREACH CASE STUDY
Cecy Correa // UC Berkeley MICS 2021
Agenda
1. The Hack: How it happened; Tracing & attribution
2. Impact: LinkedIn class action suit; United States v. Nikulin
3. Current day
Using LinkedIn to Hack LinkedIn: A little social engineering
(dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
Food for Thought: A look back at Conficker
Hackers always leave a trace: Tracing & Attribution
Assessing impact: Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit
Lawsuit cites LinkedIn’s inability to:
• Use strong encryption
• Salt their passwords
LinkedIn settles for over 1 million USD
Mitigation & CIS Controls
1. Secure configuration of hardware and software
2. Controlled use of admin privileges
Food for Thought: What do you think of the verdict?
Current day: Where are they now?
Food for Thought: Hack or no hack?
Thank you!
Read more at: cecy.dev