LinkedIn Accused of Hacking Users’ Email Accounts. Here’s the Complaint.
In a complaint filed yesterday (which you can read in full below) the users accuse the company of essentially impersonating its users for the purpose of obtaining access to their email contacts. “If a LinkedIn user leaves an external email account open, LinkedIn pretends to be that user and downloads the email addresses contained anywhere in that account to Linkedln’s servers,” the complaint reads. “LinkedIn is able to download these addresses without requesting the password for the external email accounts or obtaining users’ consent.”
Once it has the addresses, the plaintiffs say LinkedIn sends what they describe as “endorsement emails” for various products and services. “These endorsement emails contain the name and likeness of those existing users from whom Linkedln surreptitiously obtained the list of email addresses,” the complaint goes on.
The plaintiffs say its all part of a marketing strategy that’s overtly described in LinkedIn’s regulatory filings with the U.S. Securities and Exchange Commission, saying it intends to “pursue initiatives that promote the viral growth of [its] member base.”
I asked LinkedIn for a response and didn’t get one right away, but I will update the post when I hear back (it is Saturday, after all). However, the company has denied the allegations and called them “without merit,” in comments to Bloomberg and the Los Angeles Times.
Update: Here’s LinkedIn’s full statement:
“LinkedIn is committed to putting our members first, which includes being transparent about how we protect and utilize our members’ data. We believe that the legal claims in this lawsuit are without merit, and we intend to fight it vigorously.”
If you want to read all the details from the original complaint, here’s that, too.