LinkedIn is in the spotlight this morning as concerns surface regarding the privacy its opt-in mobile calendar feature.
Researchers from Skycure Security found that the company’s iOS app is collecting data — such as meeting notes, appointment times, and attendee names — from the built-in calendar when you view it within the app.
The calendar feature, with your permission, syncs with your mobile device’s calendar to provide information about the people you plan to meet with by displaying their LinkedIn Profile.
In order to provide that service, LinkedIn sends information from your calendar events to its servers. That data is never shared or stored, and is sent securely over SSL — a standard security technology.
LinkedIn addressed concerns in a blog post, stating “We will no longer send data from the meeting notes section of your calendar event.” Additionally, the company will provide a new “learn more” link so you can better understand how your calendar data is being used.
A new version of LinkedIn’s iOS app has been submitted to Apple and will be available soon. The company was careful to point out that this will remain an opt-in feature and can be turned off at any time through your settings.
In other and unrelated news, The Next Web is reporting that 6.5 million encrypted LinkedIn passwords have been compromised — less than 10 percent of the network’s user base. The company updated its Twitter account this morning to state that it’s “looking into reports.”
Although the breach has yet to be confirmed, we recommend changing your password — which is good practice, regardless of whether your account has been compromised or not.