LinkedIn’s Bad Week: 6.5m Hacked Passwords, And Caught Sucking In Your Private Data

Linked In Hacked
A user in a Russian hacker forum announced that he has hacked LinkedIn, and uploaded 6.5 still encrypted passwords (without usernames) as proof.

In a carefully worded statement, LinkedIn confirmed the release of some passwords. This is rather disastrous, especially following just a day after the discovery that LinkedIn had been pushing some privacy boundaries too. More on that in a moment.

Start Changing Passwords
If you haven’t done it, go change your LinkedIn password.

Further, if you use that same password (or close variants of it) on other services, go change them too. Yes, it would rot to have your LinkedIn account vandalized, or copied — but if you use the same password on other more sensitive accounts (your bank account, or email) then you’ll want to change them, as that could be a gateway to identity fraud.

And there’s still more – you may want to decouple LinkedIn’s mobile app from your schedule when you read this next part.

Linked In’s New App Has Been Vacuuming Up Personal Data
Its new iOS app shows your appointments, but Researchers Yair Amit and Adi Sharabani found that the app automatically sends your calendar entries, complete with meeting notes, back to LinkedIn’s servers, once you’ve enabled the opt-in calendar function. So, now LinkedIn knows who you’re meeting with, agendas, locations, whatever is in your notes.

This extra data isn’t used in the app, yet LinkedIn has still pulled it from users’ devices and is mostly likely storing it away for future use, or leak. (Sorry guys.)

Imagine, if LinkedIn could see your professional grid through the network, and then what you’re up to in your real life schedule. Forget Klout score – with that view of your life, LinkedIn would be in position to see an people’s lives as careers with astonishing and creepy clarity.

So, now that I’ve changed my LinkedIn password, I’m going to pull its app from my schedule.

As a digital strategist I tend to try lots of new stuff – but then the tide shifts and I turn lots of it off to protect my privacy.

And as of today, that tide just turned when it comes to LinkedIn.

1 Response to "LinkedIn’s Bad Week: 6.5m Hacked Passwords, And Caught Sucking In Your Private Data"

  • Todd Bartlett

    June 8, 2012

    Dave,

    Great post. I did not event think about changing my passwords on social networking sites or other accounts like my bank, that may use the same password.

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>