Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
LinkedIn Data Breach 2012 Case Study
Search
Cecy C.
November 30, 2021
Technology
0
5.1k
LinkedIn Data Breach 2012 Case Study
Case Study presented for Beyond the Code: Cybersecurity in Context, UC Berkeley, MICS Fall 2021
Cecy C.
November 30, 2021
Tweet
Share
More Decks by Cecy C.
See All by Cecy C.
Surviving Code Reviews & Tech Interviews
cecyc
0
99
Vulnerability True: Surviving Brutal Code Reviews and Tech Interviews
cecyc
0
160
The Joy of CSS: RailsConf 2019
cecyc
0
170
RubyConf 2018 Psychology of Fake News
cecyc
0
93
A Retro of Retros: How Sprint Retrospectives Can Be Both Fun and Productive
cecyc
0
170
MONKTOBERFEST 2018: Psychology of Fake News
cecyc
0
110
From Monolith to Microservice: Building APIs with gRPC & golang
cecyc
3
1.8k
Building APIs with GRPC, PHP, and Golang
cecyc
1
590
The Psychology of Fake News (And What Tech Can Do About It)
cecyc
1
64
Other Decks in Technology
See All in Technology
AI時代の戦略的アーキテクチャ 〜Adaptable AI をアーキテクチャで実現する〜 / Enabling Adaptable AI Through Strategic Architecture
bitkey
PRO
14
6.8k
DDD x Microservice Architecture : Findy Architecture Conf 2025
syobochim
12
3k
技術広報のOKRで生み出す 開発組織への価値 〜 カンファレンス協賛を通して育む学びの文化 〜 / Creating Value for Development Organisations Through Technical Communications OKRs — Nurturing a Culture of Learning Through Conference Sponsorship —
pauli
5
490
大規模モノレポの秩序管理 失速しない多言語化フロントエンドの運用 / JSConf JP 2025
shoota
0
290
新しい風。SolidFlutterで実現するシンプルな状態管理
zozotech
PRO
0
130
Javaコミュニティの歩き方 ~参加から貢献まで、すべて教えます~
tabatad
0
140
明日から真似してOk!NOT A HOTELで実践している入社手続きの自動化
nkajihara
1
870
その意思決定、まだ続けるんですか? ~痛みを超えて未来を作る、AI時代の撤退とピボットの技術~
applism118
19
12k
プロダクト負債と歩む持続可能なサービスを育てるための挑戦
sansantech
PRO
1
610
PostgreSQL で列データ”ファイル”を利用する ~Arrow/Parquet を統合したデータベースの作成~
kaigai
0
140
SRE視点で振り返るメルカリのアーキテクチャ変遷と普遍的な考え
foostan
2
410
Axon Frameworkのイベントストアを独自拡張した話
zozotech
PRO
0
220
Featured
See All Featured
Making Projects Easy
brettharned
120
6.5k
The Straight Up "How To Draw Better" Workshop
denniskardys
239
140k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
9
980
Designing Experiences People Love
moore
142
24k
The Power of CSS Pseudo Elements
geoffreycrofte
80
6.1k
Build The Right Thing And Hit Your Dates
maggiecrowley
38
2.9k
4 Signs Your Business is Dying
shpigford
186
22k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.5k
Building a Modern Day E-commerce SEO Strategy
aleyda
45
8.1k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
46
7.8k
Java REST API Framework Comparison - PWX 2021
mraible
34
9k
Reflections from 52 weeks, 52 projects
jeffersonlam
355
21k
Transcript
Cecy Correa // UC Berkeley MICS 2021 LINKEDIN 2012 DATA
BREACH CASE STUDY
1. The Hack How it happened Tracing & attribution 2.
Impact LinkedIn class action suit United States v. Nikulin 3. Current day Agenda
Using LinkedIn to Hack LinkedIn A little social engineering
4
5 (dramatic re-enactment of hacking into a server)
3 months later... Hack is uncovered on a message forum
7
Food for Thought A look back at Conficker
Hackers always leave a trace Tracing & Attribution
None
Assessing impact Legal repercussions
6.5 million accounts
100+ million accounts
LinkedIn Class Action Lawsuit Lawsuit cites LinkedIn’s inability to: •
Use strong encryption • Salt their passwords LinkedIn settles for over 1 million USD
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
1. Secure configuration of hardware and software 2. Controlled use
of admin privileges Mitigation & CIS Controls
17
Food for Thought What do you think of the verdict?
Current day Where are they now?
20
21
22
Food for Thought Hack or no hack?
Read more at: cecy.dev Thank you!
cecyc
bitkey
syobochim
pauli
shoota
zozotech
tabatad
nkajihara
applism118
sansantech
kaigai
foostan
brettharned
denniskardys
addyosmani
moore
geoffreycrofte
maggiecrowley
shpigford
thoeni
aleyda
eileencodes
mraible
jeffersonlam
