So there I was, drinking my chamomile tea and idly Googling myself (don’t judge), when I stumbled upon a headline that made my throat go dry: “LinkedIn data breach affects 700 million users.”

That’s… almost everyone on LinkedIn.

Including me.

And probably you.

Except…it wasn’t actually a breach (technically).

Scraping is not as wholesome as it sounds

According to Information Age, this wasn’t your typical cybercrime scenario with hackers in hoodies. This was scraping.

That’s right, bots quietly collecting public data from LinkedIn profiles like they were picking herbs in your digital garden.

No alarms, no broken firewalls, just a slow and silent sweep of names, job titles, email addresses, phone numbers, geolocations, and more.

LinkedIn’s defense? “It’s not a breach. Our system wasn’t hacked.”

Cool story, but when your full name, workplace, and email (as if I need more spam in my inbox) end up in a data bundle for sale on the dark web, does it really matter what we call it?

Just because it’s public doesn’t mean it’s polite

Scraping is like window shopping for personal data. Technically, what’s public is public, but depending on where you live, it can fall into a legal grey zone.

In South Africa, POPIA (Protection of Personal Information Act) puts strong emphasis on consent and responsible data processing. Same with Europe’s GDPR. Still, public profiles often slip through the cracks.

No one reads terms and conditions like bedtime stories, so of course I assumed LinkedIn was protecting me behind that blue-and-white professional façade.

But the truth is, if info’s publicly visible, it’s fair game for bots with no boundaries.

Password twins was a terrible idea

Even if no one broke into my account, the impact of this not-so-breach is very real. According to SpyCloud, over 60% of users reuse passwords across multiple platforms.

That means if I used my LinkedIn credentials somewhere else (like my bank, email, or even my frikking Netflix account), I’ve unintentionally opened the door to a potential disaster.

Even scarier? Government workers apparently reuse passwords 87% of the time. It’s giving national security nightmares.

LinkedIn’s response: A firm shrug

LinkedIn insists that scraping violates their terms of service, and they’re looking into it.

Which is good… but also the third time they’ve had to say that. In 2012, over 6.5 million accounts were compromised.

In 2021, another 500 million. Now, we’re looking at nearly 1 billion profiles exposed.

Being on LinkedIn used to feel like attending a classy networking brunch. Now it feels like someone’s rifling through everyone’s bags while we sip coffee and share career updates.

Some damage control with my coffee

We both know I’m not deleting my very detailed and curated LinkedIn tomorrow. But I will be:

• Changng my password (yes, again)
• Turning on two-factor authentication like it’s my job
• Hiding personal details like my phone number AND email (anyone who needs to “chat” can inbox me AFTER they add me on LinkedIn
• Running my email through Have I Been Pwned and cry gently if needed

Public is not protected (as I’ve now learned)

There’s no dramatic breach alert this time. Just a quiet scraping of the internet’s most curated version of you. Public doesn’t mean safe. And polished profiles don’t mean protected ones.

So yeah, update that headline. Post your job wins. But maybe—just maybe—skip the phone number.

Sources:

• The LinkedIn Data Breach That Wasn’t – Information Age
• AT&T ThreatTraq YouTube Video