LinkedIn

LinkedIn has agreed to pay $1.25 million to settle a class-action suit that alleged the company failed to protect the passwords and private information of its premium subscriber customers.

The case dates back to June 2012 when the company reported that Russian hackers stole more than six million passwords from the social networking site, about 5% of LinkedIn's user base. Shortly thereafter, a user launched a class-action lawsuit claiming LinkedIn violated its own user agreement and privacy policy.

One of the risks of using social media networks is having information you intend to share with only a handful of friends be made available to everyone. Sometimes that over-sharing happens because friends betray your trust, but more worrisome are the cases in which a social media platform itself exposes your data in the name of marketing.

LinkedIn is shutting down Intro, its recently launched mobile service for connecting people over email, that raised security concerns.

LinkedIn launched Intro last October, as part of a larger push into becoming a "mobile first" company. The service was made for the iPhone, and was designed to grab LinkedIn profile information and insert it into emails received on phones. The service displayed that information to the recipient from the email's sender if the sender was also on LinkedIn.

The social network for professionals, LinkedIn, is to acquire Bright, a job-search site that matches employers with potential employees. This is a purchase that makes a lot of sense for LinkedIn, the Facebook of the working world, helping to make it even easier for people to connect across industries. While LinkedIn has around 11 years of experience under its belt, Bright is more a newcomer, having only launched three years ago.

British spies hacked into the routers and networks of a Belgian telecommunications company by tricking telecom engineers into clicking on malicious LinkedIn and Slashdot pages, according to documents released by NSA whistleblower Edward Snowden.

Once engineers with Belgacom clicked on the fake pages, malware was installed surreptitiously onto their machines, giving the spooks with Britain’s GCHQ the ability to penetrate the internal networks of Belgacom and its subsidiary BICS.

LinkedIn's Q3 report didn't inspire the kind of confidence in investors that the social network likely wanted. Part of that has to be due to the weak outlook for the fourth quarter.

Another reason is likely the growing number of security and privacy worries surrounding one of LinkedIn's newest products, Intro.

LinkedIn has responded to criticism over its new Intro product, stating that many things that have been said are "not correct or purely speculative".

Last week, the company launched the service, which acts as a proxy service between a user and an email provider, intercepting emails in order to inject LinkedIn information for them.

LinkedIn is denying claims that it "hacked" email accounts provided by users during registration, as claimed in a recent class-action suit.

In the complaint filed last Tuesday in a California U.S. District Court, plaintiffs Paul Perkins, Pennie Sempell, Ann Brandwein and Erin Eggers claimed that LinkedIn “hacked” external email addresses it requested in the sign up process to “extract email addresses” of their contacts. 

Jordan Harbinger, co-founder of The Art of Charm, a dating and social dynamics instruction school, isn't a hacker. But he used his basic knowledge of the social scene in order to social engineer people with Top Secret / Sensitive Compartmentalized Information (TS/SCI) clearances on LinkedIn.

Add LinkedIn to the list of Internet companies trying to make themselves safer from cyberattacks by adding two-step authentication.

Users of the professional social-networking site now have the option to add two-step verification to their accounts, which is designed to add another layer to the sign-in process when logging in from a new or unknown device. With the feature enabled, users will be prompted to type a numeric code sent to their phone via SMS when logging in from an unrecognized computer or device for the first time.