The Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD), noted from foreign media reports that the personal data of users of the employment-oriented social media platform LinkedIn were allegedly scraped and sold online. Given that the personal data at stake may include names, email addresses, telephone numbers, career profiles, etc., the PCPD has taken immediate actions and contacted LinkedIn to ascertain particulars of the incident. In its initial response, LinkedIn indicated that it was investigating the matter. Hong Kong users might be affected but the number was still under investigation.
The PCPD has issued a letter of enquiry to LinkedIn to seek clarifications. The PCPD reminded LinkedIn that if it was found that Hong Kong users were affected, it should notify the affected users as soon as possible to mitigate the risks arising from the incident. The PCPD will continue to follow up the matter.
The PCPD also noted from LinkedIn’s response to media enquiries that the disclosed data set appeared to include publicly viewable information that was scraped from LinkedIn, together with data aggregated from other websites or companies.
The Privacy Commissioner for Personal Data, Hong Kong (Privacy Commissioner), Ms Ada CHUNG Lai-ling, appeals to LinkedIn users to be vigilant about potential theft of personal data. If they are in doubt about whether their personal data have been leaked, they may make enquiries with the social media platform concerned or make enquiries/complaints to the PCPD (telephone: 2827 2827; email: communications@pcpd.org.hk). To protect personal data privacy, users are advised to take the following measures: -