A failure on linkedin could have put your data in danger

Most of you know LinkedIn, the so-called job social network. It is a company currently owned by Microsoft. Apparently the website has experienced a serious flaw that has allowed attackers to obtain information from users. It appears to have been a bridging attack, maliciously using the autocomplete button.

A failure on LinkedIn could have put your data in danger

At the moment the scope of the attack is unknown, we do not know how many users could have been affected by the failure. What is known is that the page itself has acted quickly and just 24 hours later they had already solved the error.

Security breach on LinkedIn

As we have said, it seems that the autocomplete button on the web has been used in a malicious way. The attackers have used an invisible design that occupies the screen of the employment social network. When the user is going to enter data and allow data to be dumped using the button, attackers get this data as well.

This problem seems to have been able to abuse the LinkedIn API for login to third party sites and services. Although the website has been quite attentive to the failure and they have corrected it very quickly. In less than 24 hours.

So there is no longer any threat when using this button and we assume that from the employment social network they will be alert to possible threats. What is still unknown at the moment, pending more data from the company, is the number of users affected.

The Hacker News Font