LinkedIn has an iPhone and iPad app. One of its features isĀ “an opt-in feature which allows users to view calendar entries within the app“.
Some security researchers have been analysing this app and have discovered that when using the calendar feature it sends data to LinkedIn’s servers. It sends all of your calendar events, without explicitly asking for your permission.
This is considered a privacy risk. If you use the LinkedIn app on iOS, turn off the feature.
You should expect LinkedIn to make a statement about this issue, and eventually resolve it. I’ll post any updates here as they happen.
Update 7 Jun 2012:
LinkedIn have responded to these privacy concerns – you can read their comments here. Basically they confirm the privacy issues and justify it. They’ve also made changes to their iOS app to address the issue, the updated version is 5.0.3.
And at the same time someone in Russia claims to have hacked LinkedIn’s servers and has a list of over 6 million hashed password. A hashed password means they can’t read your password yet but given enough time it can be found. This incident is unconfirmed by LinkedIn, but it would be a good time to change your account password.