LinkedIn is a website for professional communication, what most don’t know is a privacy leak with LinkedIn. An odd referer was linked to our site. It was from LinkedIn, but it was someone reading their messages. It gets weirder, it also gives the token LinkedIn uses to identify if you are the logged in user.
When we clicked the referrer link, it gave us the picture and name of the CISO who clicked a link in his messages to our site. This is concerning as this is a privacy leak that is actively happening to every site people click on from LinkedIn.
This is in midst of the privacy debacle of Facebook and while this isn’t as bad as some of the things that have happened at Facebook it could endanger some peoples lives. Say you are a government agent and click a link, thinking it would just say it came from LinkedIn. This would expose the governments agent blowing his cover, but let’s say the roles are slightly reversed and a government agency, was running a sting site to arrest people, but have to prove their identity. This LinkedIn issue could certainly help identify people and what websites they visited along with their image and LinkedIn profile.
What do you think, is this a privacy issue or not? Let us know in the comments.
