LinkedIn Data Breach 2012 Case Study

November 30, 2021

5.1k

LinkedIn Data Breach 2012 Case Study

Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021

Cecy C.

November 30, 2021

Tweet

More Decks by Cecy C.

See All by Cecy C.

Surviving Code Reviews & Tech Interviews

0

100

Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews

0

160

The Joy of CSS: RailsConf 2019

0

170

RubyConf 2018 Psychology of Fake News

0

93

A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive

0

170

MONKTOBERFEST 2018: Psychology of Fake News

0

110

From Monolith to Microservice: Building APIs with gRPC & golang

3

1.8k

Building APIs with GRPC, PHP, and Golang

1

590

The Psychology of Fake News (And What Tech Can Do About It)

1

64

Other Decks in Technology

See All in Technology

Next.js 16の新機能 Cache Components について

0

190

Oracle Database@AWS：サービス概要のご紹介

oracle4engineer

PRO

1

410

半年で、AIゼロ知識から AI中心開発組織の変革担当に至るまで

0

150

特別捜査官等研修会

0

580

AWSの新機能をフル活用した「re:Inventエージェント」開発秘話

2

470

2025-12-18_AI駆動開発推進プロジェクト運営について / AIDD-Promotion project management

0

160

100以上の新規コネクタ提供を可能にしたアーキテクチャ

0

260

日本の AI 開発と世界の潮流 / GenAI Development in Japan

1

490

Amazon Quick Suite で始める手軽な AI エージェント

2

1.9k

Bedrock AgentCore Memoryの新機能 (Episode) を試してみた / try Bedrock AgentCore Memory Episodic functionarity

2

1.9k

アラフォーおじさん、はじめてre:Inventに行く / A 40-Something Guy’s First re:Invent Adventure

0

160

Knowledge Work の AI Backend

PRO

0

280

Featured

See All Featured

Fashionably flexible responsive web design (full day workshop)

407

66k

Organizational Design Perspectives: An Ontology of Organizational Design Elements

PRO

0

45

The Invisible Side of Design

302

51k

Leveraging Curiosity to Care for An Aging Population

1

130

Winning Ecommerce Organic Search in an AI Era - #searchnstuff2025

0

1.8k

Exploring the relationship between traditional SERPs and Gen AI search

raygrieselhuber

PRO

2

3.4k

16th Malabo Montpellier Forum Presentation

PRO

0

31

From Legacy to Launchpad: Building Startup-Ready Communities

0

110

Money Talks: Using Revenue to Get Sh*t Done

0

120

Claude Code どこまでも/ Claude Code Everywhere

61

50k

Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI

0

38

Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure

48

9.8k

Transcript

Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA
BREACH CASE STUDY
1. The Hack How it happened Tracing & attribution 2.
Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda
Using LinkedIn to Hack LinkedIn A little social engineering
4
5 (dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
7
Food for Thought A look back at Conﬁcker
Hackers always leave a trace Tracing & Attribution
None
Assessing impact Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •
Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD
1. Secure conﬁguration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
1. Secure conﬁguration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
17
Food for Thought What do you think of the verdict?
Current day Where are they now?
20
21
22
Food for Thought Hack or no hack?
Read more at: cecy.dev Thank you!