LinkedIn has filed a lawsuit in the Northern California federal district court against unspecified individuals over the use of bots to mine data from users’ profiles. According to the lawsuit, the bots were used to register “thousands” of LinkedIn accounts for the purpose of mining information from other — real — accounts. Such activities were reportedly going on since May of last year in violation of both the website’s user agreement and, says the company, applicable computer security laws.
The unspecified individuals apparently pulled off their data heist using an Amazon Web Services account, something to which LinkedIn now wants Amazon to hand over the account owners’ names. The use of thousands of fake accounts, says LinkedIn, indicates the individuals responsible knew the company’s limitations on individual accounts, prompting them to bypass it. Those profiles have now been disabled since being discovered.
Beyond the lack of responsible parties’ names, it isn’t known what the schemers planned to do with the trove of mined data — it is reasonable to assume it was destined for sale or some blackhat Internet shadow, but until the individuals are identified and offer up an explanation, that’s left up to speculation.
Said the company in its filing: “The Doe Defendants’ unlawful conduct threatens the LinkedIn platform in several ways. It undermines the integrity and effectiveness of LinkedIn’s professional network by polluting it with thousands of fake member profiles. Moreover, by pilfering data from the LinkedIn site, the Doe Defendants threaten to degrade the value of LinkedIn’s recruiter product, in which LinkedIn has invested substantially over the years.”
SOURCE: Information Week