Trak.in is a popular Indian Business, Technology, Mobile & Startup blog featuring trending News, views and analytical take on Technology, Business, Finance, Telecom, Mobile, startups & Social Media Space

Linkedin Privacy Issues go from bad to worse!

2

Problems just doesn’t seem to end for LinkedIn. It was just a few days ago when the privacy concerns of LinkedIn’s iOS application came to light, but that wasn’t the end to LinkedIn’s troubles. As many as 6.5millions user passwords were compromised according to CNet.

LinkedIn though initially denied the report, later reported on its blog about the possible leak. Vicente Silveira, a director at LinkedIn confirmed on LinkedIn confirmed in a blog post – “We sincerely apologize for the inconvenience this has caused our members. We take the security of our members very seriously.

LinkedIn has gone ahead and blocked the passwords of all the affected users while sending individual emails with instructions to reset the passwords. To avoid concerns of a phishing attack, LinkedIn has not attached a link in these mails.

LinkedIn has a user base of more than 161 million users of which 61% are from outside the United States. Besides LinkedIn, the dating site eHarmony also reported a breach with more than 6.5 million passwords being stolen.

Unfortunately for LinkedIn though, this was not the only trouble it had to go through in the last week.

Last week researchers Yair Amit and Adi Sharabani from Tel Aviv University discovered a major privacy issue with LinkedIn’s iOS application. It seems the application which allows users to view their iOS calendars within the application has been sending information back to LinkedIn servers.

The researchers explain that the application using this information locally is acceptable, but sending such information back to LinkedIn servers can be considered a threat on privacy. Since the user is not aware of such a transfer of information, it also violates Apple’s privacy policy on how application should obtain the user’s prior permission and also should clearly inform about how this data would be used by LinkedIn.

The study suggests that information like meeting title, organizer and attendees, location, time and meeting notes are send back to LinkedIn. This could be a major worry if meeting notes contain sensitive information which could be dangerous in the hands of competitors.

The researchers are still puzzled why LinkedIn is collecting and sending such information to its servers, since these are not required for running the application.

According to the researchers “In order to implement their acclaimed feature of synchronizing between the people you meet and their LinkedIn profile, all LinkedIn need is unique identifiers of the people you are going to meet with, not all the details of your planned meetings; details such as meeting schedule, location, title or notes, which tend to be sensitive in particular for organizations, are irrelevant for this task

While I was composing this article, much to my dismay even I received a mail from LinkedIn prompting me to change my password, thus putting me in panic mode. Below is an extract of the mail I received.

image

With things going from bad to worse for LinkedIn, it would be interesting to watch how the Professional Social Network with its 161 million patrons would be able to retain its user’s confidence.

The next few days would be a test LinkedIn’s marketing & PR team while the technical team tries to fix the password and iOS mess.

  1. […] the lack of protection employed by yet another popular website. It wasn’t very long ago that LinkedIn users’ passwords were exposed in plain text, calling for the need for better protection to be […]

  2. Rick Sontell says

    Linkedin is on the way to actually becoming a worse violater of privacy issues than Facebook. As Facebook is finding now, Linkedin will start quickly losing users who feel that they have crossed the line of privacy and are fed up with their personal information being sold off to giant corporations that will undoubtably misuse it for their benefit and the user’s demise. I have seen several examples of carreers being ruined by Linkedin users having been associated with undesireables on thier page without their control or ability to de-list the person.

Leave A Reply

Your email address will not be published.

who's online