Has LinkedIn lost control of its user email database?
The email address that I created exclusively for my (much reviled) LinkedIn account has just received a virus. Does this mean their database of user emails has been leaked? Compromised? Sold?
Or are their systems just sufficiently poor that the email has leaked through other means?
36 comments
[ 3.3 ms ] story [ 86.2 ms ] threadEdit: To those who are downvoting - the comment to which I'm replying says:
Firstly, the address does not end with the domain of a popular e-mail provider, hence the email address to which I'm receiving these unwanted emails is not of that form. Thus my reply is true, and informative.It's also neither a random user at the domain, nor a dictionary element, nor a simple variant on a dictionary element, nor short, nor public (until now), nor falls into any of the formats I see and deduce from the dictionary attacks on the servers I run. And it is long, and has internal structure. Thus is is, again, not of the form being described in my comment.
So thank you for the down-votes, but I feel that my comment is true, relevant, and justified.
Perhaps you intended to reply to a different comment.
Edit: To those who are down-voting this - thank you for the reality check. I don't understand why you think my comment is of negative value, but it reminds me that not everyone thinks the same way.
And while I didn't downvote you, if I'd seen a reply like this to someone else, I might very well have done so rather than bother to reply, seeing as you've quoted three paragraphs just to dismiss a valid suggestion because you for some reason don't think it fits in this location in the thread.
So to re-iterate, I didn't dismiss your comment, I just thought it would be better placed where others were already making the same or similar points. I'm sorry I didn't make myself clearer, and apologise.
Thank you for taking the time to explain.
I've been wondering how they got my email...
I've always wondered how these things were taking place but never took the time to investigate because of how infrequent the occurrences were. It usually takes a while to unsubscribe from these services via email, so I just mark as SPAM. I just looked and they're still sending stuff, at least some are. I just removed all people I didn't know from shaking their hand from my connections; which includes recruiters that only request invitation to connect to talk about a job opportunity.
I wonder if LinkedIn knows about this sort of Growth Hacking type of SPAM or just doesn't care?
I started receiving spam (the dumbest, v1agra type) to tumblr@mydomain.tld which I think I have only used for tumblr and years ago since I let my account be purged at some ToS change a while back. Although I might have also used it for a service merely associated with tumblr.
If you started getting spam to tumblr.w8ke2iowieiu3k3@example.org then I'd be suspicious. (I must remember to do this for new things I sign up to.)
[0] https://news.ycombinator.com/item?id=8367103
[1] https://news.ycombinator.com/item?id=8367296
I must remember to do this for new things I sign up to.
It is a good idea.
I'd guess it's related to LinkedIn or GitHub as this particular address is only publicly/semi-publicly used on those two sites.
They are also passing the gmail filter which is quite impressive in itself.
Edit: That's based on a quick look in my spam folder, not anything statistically sound.