14 DAY TRIAL // LinkedIn has decided to make some improvements to its mobile apps’ calendar after researchers raised some concerns regarding the fact that potentially sensitive data was being sent back to the company’s servers.
In a blog post, Joff Redfern, head of mobile products at LinkedIn, has explained the way the calendar feature works, but he has also revealed some improvements that have been made to ensure that their customers’ privacy is respected.
“In order to provide our calendar service to those who choose to use it, we need to send information about your calendar events to our servers so we can match people with LinkedIn profiles. That information is sent securely over SSL and we never share or store your calendar information,” Redfern explained.
He highlights the fact that this is an opt-in feature and it will remain that way. However, since Yair Amit and Adi Sharabani, the researchers that raised the alarm, pointed out the fact that users were not clearly notified what data was collected, the company decided to add a “learn more” link to provide customers with more details.
Until now, the calendar feature in the mobile apps collected email addresses, meeting subjects, locations and meeting notes, this last category being the most problematic because in some cases it might have contained conference call passcodes and other sensitive data.
To address these concerns, the application will no longer send the notes back to LinkedIn’s servers.
“These improvements are live on Android now and have been submitted to the Apple store and will be available shortly,” Redfern added.
In the meantime, LinkedIn has more serious problems to deal with after more than 6.5 million password hashes, many of which have been confirmed to belong to the social media site’s customers, have ended up online.
The company is still analyzing the incident, but it has urged customers to immediately change their passwords.