Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

LinkedIn Apologizes After Privacy Snafu

LinkedIn has apologized after its latest iOS update prompted some users to OK a new feature designed to connect them to nearby strangers within Bluetooth range.

The privacy snafu was spotted by Trend Micro VP of global research, Rik Ferguson, who claimed the update was described by LinkedIn merely as containing “general bug fixes and performance improvements."

Replying to his post on Twitter, several other users claimed to have been presented with the same pop-up following their download of the update.

It read: "LinkedIn would like to make data available to nearby Bluetooth devices even when you're not using the app. We will help you connect with others that are nearby."

The privacy implications of clicking “OK” are pretty obvious, and user anger at the appearance of the new feature seems to have been compounded by the complete lack of information about it in the update.

To its credit, the Microsoft-owned LinkedIn responded pretty swiftly, with this statement:

"To help our members more easily connect with one another, we’re exploring an opt-in 'find nearby' feature that will help them find other members nearby. This will be an opt-in experience and members will have control of when their location is used for this feature. A prompt to enable Bluetooth on our iOS mobile app went out in error to a small group of LinkedIn members.”

It remains to be seen how small a group this actually was, however, the firm apologized and said it was “working on a fix immediately.”

Connecting to strangers on social sites raises security as well as privacy concerns.

Last year a poll by Intel Security revealed that one in five British LinkedIn users have connected to someone they didn’t know on the site, while over two-thirds said they’ve never wondered if someone is not who they say they are online.

Cyber-criminals are increasingly looking to sites like LinkedIn as a valuable source of information on employees which can be used to hone spear phishing or BEC attacks.

What’s Hot on Infosecurity Magazine?