Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
LinkedIn Data Breach 2012 Case Study
Search
Cecy C.
November 30, 2021
Technology
0
4.4k
LinkedIn Data Breach 2012 Case Study
Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021
Cecy C.
November 30, 2021
Tweet
Share
More Decks by Cecy C.
See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
76
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
130
The Joy of CSS: RailsConf 2019
cecyc
0
140
RubyConf 2018 Psychology of Fake News
cecyc
0
78
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
110
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
48
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.5k
Building APIs with GRPC, PHP, and Golang
cecyc
1
450
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
47
Other Decks in Technology
See All in Technology
長期間TiDBを使ってきた話 @ 私たちはなぜNewSQLを使うのかTiDB選定5社が語る選定理由と活用LT / Experiences with TiDB Over Time
chibiegg
2
900
LangSmith入門―トレース/評価/プロンプト管理などを担うLLMアプリ開発プラットフォーム
os1ma
3
310
20240418_Google ColabにLLMが搭載されたようなのでPython x データ分析の勉強方法を考えてみる
doradora09
0
140
TechFeed Experts Night#27 〜 フロントエンドフレームワーク最前線 (Svelte)
baseballyama
1
530
Azure Container Apps + Bicep 〜 こんな感じで運用しています
kaz29
2
480
On Your Data を超えていく!
hirotomotaguchi
2
690
AOAI をきっかけに 社内の Azure 管理を見直した話
recruitengineers
PRO
1
300
チームでロジカルシンキングに改めて向き合っている話 〜学習環境と実践⽅法〜
sansantech
PRO
3
2.6k
Building Dashboards as a Hobby
egmc
0
230
今年のRubyKaigiはProfiler Year🤘
osyoyu
0
170
VSCodeの拡張機能を作っている話
ebarakazuhiro
1
530
Cloud Native Java with Spring Boot (CNCF Aarhus, April 2024)
thomasvitale
1
170
Featured
See All Featured
The World Runs on Bad Software
bkeepers
PRO
61
6.7k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
659
120k
Git: the NoSQL Database
bkeepers
PRO
422
63k
Rails Girls Zürich Keynote
gr2m
91
13k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
155
14k
Faster Mobile Websites
deanohume
299
30k
StorybookのUI Testing Handbookを読んだ
zakiyama
13
4.6k
The MySQL Ecosystem @ GitHub 2015
samlambert
243
12k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
226
51k
A Tale of Four Properties
chriscoyier
151
22k
Facilitating Awesome Meetings
lara
42
5.6k
A Philosophy of Restraint
colly
197
16k
Transcript
Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA
BREACH CASE STUDY
1. The Hack How it happened Tracing & attribution 2.
Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda
Using LinkedIn to Hack LinkedIn A little social engineering
4
5 (dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
7
Food for Thought A look back at Conficker
Hackers always leave a trace Tracing & Attribution
None
Assessing impact Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •
Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
17
Food for Thought What do you think of the verdict?
Current day Where are they now?
20
21
22
Food for Thought Hack or no hack?
Read more at: cecy.dev Thank you!