LinkedIn Accused of Hacking Customers' E-Mails To Slurp Up Contacts

cold fjord writes with this Business Week report: "LinkedIn Corp. ... was sued by customers who claim the company appropriated their identities for marketing purposes by hacking into their external e-mail accounts and downloading contacts' addresses. The customers, who aim to lead a group suit against LinkedIn, asked a federal judge in San Jose, California, to bar the company from repeating the alleged violations and to force it to return any revenue stemming from its use of their identities to promote the site ... 'LinkedIn's own website contains hundreds of complaints regarding this practice,' they said in the complaint filed Sept. 17. ... LinkedIn required the members to provide an external e-mail address as their username on its site, then used the information to access their external e-mail accounts when they were left open ... 'LinkedIn pretends to be that user and downloads the e-mail addresses contained anywhere in that account to LinkedIn's servers,' they said. 'LinkedIn is able to download these addresses without requesting the password for the external e-mail accounts or obtaining users' consent.'" "This puts an interesting twist on LinkedIn's recent call for transparency," adds cold fjord. (More at Bloomberg.)

Re:Someone didn't read the screen, methinks.

[Greg01851]

Exactly my thoughts. You can have LinkedIn import your email contacts for 'contact suggestions' https://www.linkedin.com/fetch/importAndInviteEntry?trk=nav_responsive_sub_nav_add_connections These people probably did this and forgot that they did so.

Re:What the hell is "left open"?

Wouldn't that also imply clear-text password storage at the LinkedIn end? In itself quite a bad revelation if that is the case.

Re:Someone didn't read the screen, methinks.

[Stan92057]

Think about that for a second

" LinkedIn offers to read your existing email accounts for contacts, so that you can connect to them"

LinkedIn users an too stupid to email and connect to Their friends on Their own?? This isn't a service, its email address spidering scam

Re:What the hell is "left open"?

[mapkinase]

I already forgot what I did on Linkedin when I joined it several years ago, but didn't we all gave them our contact lists voluntarily so they will check if our acquaintances have it? May be I am confusing this with Google+

Re:Doesn't make sense

Working in the Corporate world, I've seen this happen to people before. They sign up on LinkedIn, suddenly everyone on their contacts list starts getting "invites".
All the examples I've personally seen were people who accessed LinkedIn on a smartphone. One co-worker suddenly started spamming invites to a couple distribution lists at the company.... he had just logged in using his work-supplied phone and it scraped his contact list. And since he's always 'logged in' with the work email, it started scraping the entire company directory.
We awarded them with a permanent spot on our spam Blacklist, and blackholed their IP space.

Re:Fuck class action

[Zemran]

No, you are wrong, no 'all' students, only US students. We don't have that 3rd world stuff in the UK.

Re:What the hell is "left open"?

[JoshRosenbaum]

I'd say it's more likely that one of your friends is allowing Facebook to scrape their email account and you are getting associated in that way. There's no need for them to hack your account when they can get all that data from someone else. No matter how much we try to keep our privacy, it's easily destroyed when one of our connections gives up all their data.