Company Logo

Home technology cyber-security user Data Leak possible with LinkedIn's AutoFill plugin

User Data Leak possible with LinkedIn's AutoFill plugin

Cyber Security

User Data Leak possible with LinkedIn's AutoFill plugin

Researchers have found a flaw in LinkedIn’s AutoFill plugin. The plugin allows websites to let the users quickly fill up forms. This could allow hackers to steal vital information like full name, phone numbers, email address, ZIP code, company, and job title.

Certain hostile sites have easily been able to render the plugin on their entire page. This means that if users who are logged into LinkedIn click anywhere, they’d be unknowingly hitting a hidden “AutoFill with LinkedIn” button. They’d be giving their data without their knowledge.

Cybersecurity Issues

The issue was first identified by security researcher Jack Cable who immediately informed it to LinkedIn. LinkedIn immediately issued a fix; however, it didn’t inform the public of the issue. Even if the fix was issued, the problem continued as LinkedIn the use of its AutoFill feature to whitelisted sites, which pay LinkedIn to host their ads.

This meant that it’s still open for abuse and hackers can still run AutoFill on their sites. But LinkedIn is claiming that there’s no evidence that the weakness was exploited. However, the problem still persists. After Facebook went through its data scandal, every site is on high alert for any potential risk.

Business News

Recommended News

Most Featured Companies

Latest Magazines

© 2023 CIO Bulletin Inc. All rights reserved.