All the latest UK technology news, reviews and analysis


LinkedIn stung by password theft and iOS app data bungle

06 Jun 2012
linkedin-advertising

Professional networking website LinkedIn has run into a pair of thorny privacy issues, after reports emerged that millions of account credentials had been leaked, while researchers also accused its iPhone app of surreptitiously snaffling users' data.

According to Norwegian website Dagens, around 6.5 million encrypted LinkedIn passwords were recently posted to a Russian hacker site. Many of those hacked passwords have now been decrypted.

Linked said in a Twitter posting that it was investigating the reports.

V3 also contacted the firm for any update but had received no information at the time of publication.

Meanwhile, a pair of researchers with Israeli firm Skycure revealed details of a data-sharing issue with LinkedIn's iOS app.

Yair Amit and his colleague Adi Sharabani found the app sent users' calendar information to the company's servers, without warning.

The problem affects users that enable the feature which allows them to view their iOS calendar within the app.

“The app doesn’t only send the participant lists of meetings; it also sends out the subject, location, time of meeting and more importantly personal meeting notes, which tend to contain highly sensitive information such as conference call details and passcodes,” the researchers wrote on a blog.

The researchers said they informed LinkedIn about the potential risk of obtaining user details without permission, but the issue had not yet been fixed.

The mobile app feature had been intended to provide a better calendar service for its users, LinkedIn's mobile product manager Joff Redfern wrote in a company blog.

“We do not store any calendar information on our servers.” he said. “We do not share or use your calendar data for purposes other than matching it with relevant LinkedIn profiles.”

LinkedIn has promised to update its app, removing the capability for calendar note information to be uploaded to its servers.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
21%
13%
4%
21%
31%
10%

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Litigation eDiscovery Analyst (DocuMatrix, Relativity, Introspect)

Litigation eDiscovery Analyst (DocuMatrix, Relativity...

C# .NET Developer (SQL, Algorithms, Data Algorithms, Artificial

C# .NET Developer (SQL, Algorithms, Data Algorithms...

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

Retail and Finance Application Developer and Support Analyst

MS Dynamics Nav: Retail and Finance Application Developer...
To send to more than one email address, simply separate each address with a comma.