As if LinkedIn didn’t have enough problems this week, following the disclosure that they had been hacked and millions of passwords posted on a Russian server, Israeli experts point out they have another security problem. Sagi Cohen reports:
International social network LinkedIn is collecting personal information from its users without their consent, according to Israeli computer security experts.
The business-networking giant’s app for Apple’s iPad and iPhone has an opt-in feature that allows users to view their calendar entries within the app. However, researchers Yair Amit and Adi Sharabani, the founders of Skycure, discovered that once enabled by the user, the app automatically transmits users’ calendar entries back to LinkedIn servers.
Read more on ynet.
Update: I’m not sure why this wasn’t included in the ynet coverage, but it seems LinkedIn had already announced a response to the problem. On June 6, Tom Warren had reported:
LinkedIn has now submitted a new version of its iOS app to Apple that will be available shortly with some changes to address some of the privacy concerns. Improvements, already live on the Android version, include a new “learn more” link with information on how calendar data is used and the disablement of data from the meeting notes section being sent to LinkedIn’s servers.