Hacked off. My LinkedIN Hack Attack Stats
Yesterday I found myself in a bit of a nightmare. I woke up to find my LinkedIN account had been hacked, and I was receiving around one message a minute from my network of clients, colleagues, friends and peers.
So what happened?
I don't exactly know how, probably an associated mobile app, but my LinkedIN account was hacked and the platform shut me out entirely. My recovery emails and two step verification was rendered obsolete and I couldn't use my phone number to unblock it. Perhaps the most surprising part, is that in just the few hours it took for me to find this out, hackers had managed to contact 4,723 people in my LinkedIN network and sent an agency brief attached. They opened up 75 two-way conversations which were so convincingly from me, I had to look twice to see if I'd actually written them. Unfortunately some people had shared their private email addresses and phone numbers (I urge you to never do this in an LinkedIN message anyway). I haven't quite worked out if these conversations were initiated by an AI powered chatbot, or humans, but the security team seem to think it could be a cleverly automated machine - scary stuff!
The stark realisation that I was inadvertently sending thousands of people in my network a rather convincing message about a potential agency brief was at worst shock and awe and and at best pretty embarrassing. Not least because I run an agency, inhabit the digital world, and advise people on LinkedIN outreach programmes. But most of all because I consider myself pretty security conscious and like to think I avoid all the obvious mistakes.
When life gives you lemons
For a vast number of people our business networks are now our LinkedIN networks, an open source database if you will, that contains thousands of people I have known and worked with for over twenty years. Some who I work with regularly, others who I've lost regular communication with. What I realised is that this could present me with an opportunity to run some data analysis on my contacts, and potentially review how effective LinkedIN actually is as a real time networking tool.
What is interesting is the numbers. For you direct marketers out there, the hackers sent out 4,723 messages along with an attachment. Thankfully only a proportion of my connections. They did this between 11pm and 6am the following morning, which was the time I found out and managed to contact the LinkedIN security team. Out of 4,723 people, 3,919 were opened / viewed by mid-day. That's an 83% open rate. I think this is staggering high considering most of my network are in GMT and would therefore have only had a few hours to have seen it. What's even more interesting is that 37% of those who opened the message thought to respond to me, contact me to get involved, to check if it was legit, or simply warn me of the impending tidal wave. 19% did so via email outside of the platform which I think shows real concern and connection, and one person phoned me - which I am very touched by. One unexpected outcome is that the whole ordeal has reignited a number of connections that I hadn't spoken to for a number of years - and am now set to meet up with again.
So what this unfortunate incident has shown me is that my LinkedIN network is a far more engaged humanised community than I had possibly thought, and although I'm fairly active on the platform, and use it mostly for recruiting agency folk and building the AgencyUK brand, I had perhaps lost sight of just how well it enables us to keep our business connections alive.
I wouldn't wish it on anyone - but if you do get hacked it's nice to know so many people have your back.