News broke on January 7th 2014 that LinkedIn Corp, who are the operators of the world’s largest professional social media site, LinkedIn claimed that hackers who were making use of an automated software, had created thousands of fake member accounts. In addition, the hackers had made use of genuine data which had been copied from actual member pages in order to create the fraudulent accounts.
This practice, which is known as “scraping”, is in direct violation of the platform’s user agreements. The practice also breaches a number of U.S. federal and state computer fraud laws. LinkedIn Corp officially filed a complaint against the unknown hackers on January 6th 2014, to the San Francisco federal court. The company further complained that through their actions the hackers had “strained and disrupted” LinkedIn’s network of computers. The actions were also reported to have reduced the value of the LinkedIn Recruiter service. The service is a fee based service which a number of Fortune 100 companies utilise. According to the complaint, the service is also the platforms single fastest growing offering.
Jonathon Blavin, a lawyer who is representing LinkedIn Corp, stated in the complaint that “It (the hacking) undermines the integrity and effectiveness of LinkedIn’s professional network by polluting it with thousands of fake member profiles.”
In period between May 2013 and January 2014, the hackers are claimed to have successfully circumvented LinkedIn’s numerous security mechanisms and created thousands of new fake member accounts. The company stated in the complaint that these fraudulent accounts provide the hackers with access to the details and information contained within hundreds of thousands members each day. Although the identity of the hackers remains unknown, it has been identified that the individuals gained access to LinkedIn through a cloud based computer platform. The platform in question is provided by Amazon Web Services. LinkedIn revealed that they intended to discover the identity of the hackers who created the fictitious accounts by issuing the Amazon service with a number of subpoenas. Amazon.com Inc, is not listed as one of the defendants.
In a statement, LinkedIn stated that it has successfully tracked the activities of the fake member profiles and has also successfully disabled them. LinkedIn is seeking a court order outcome which bans the practice of creating fake accounts and compensates damages which have been unspecified. Hani Durzy, a spokesman for LinkedIn which is based in Mountain View, California, stated, “we are a members-first organisation. Due to this we feel that we have a responsibility to protect the control which our members have over the content and information they put on LinkedIn.
LinkedIn is not the only social media platform to have fought public battles with hackers who have created fake accounts. Twitter Inc. has also had similar issues. These struggles were evident in Twitter’s prospectus for their Initial Public Offering which they released in November 2013. In the prospectus, Twitter listed “spam” as a risk factor which had the ability to “hurt our reputation for delivering our users with relevant content, or reduce user growth and user engagement and result in continuing operational costs for us.” In a statement, Twitter estimated that fake accounts made up no more than 5% of the platforms total users. However, Twitter also stated that it was hard for them to be sure of the exact figure. The prospectus for their Initial Public Offering revealed that the figure could in fact be higher than their 5% estimation. The LinkedIn case is, LinkedIn v. Does, 14-cv-00068, U.S. District Court, Northern District of California (San Francisco).