
LinkedIn Covertly Scans 6,000+ Chrome Extensions and Harvests Device Data

LinkedIn injects undisclosed JavaScript that silently detects thousands of Chrome extensions and gathers detailed device information, linking the data to user profiles. The practice creates privacy‑compliance and competitive‑intelligence risks for enterprises that rely on the platform for recruiting and sales outreach.

🛡️ LiveThreat™ Intelligence · 📅 April 04, 2026· 📰 bleepingcomputer.com
Severity: High · Type: ThreatIntel · Confidence: High · Affected: 3 sector(s) · Actions: 4 recommended

What Happened — LinkedIn injects hidden JavaScript into its web pages that silently probes visitors’ browsers for more than 6,000 Chrome extensions and gathers detailed device attributes (CPU cores, memory, screen resolution, timezone, battery status, etc.). The script links the fingerprinted data to identifiable LinkedIn profiles, potentially revealing which companies use competing sales‑enablement tools.

Why It Matters for TPRM

  • Unauthorised data collection creates privacy‑compliance risk for client‑facing organizations.
  • Competitive‑intelligence harvesting can be weaponised against vendors and partners.
  • Lack of transparency undermines trust in a critical professional networking platform used for recruitment and B2B outreach.

Who Is Affected — Users of LinkedIn across all sectors, especially enterprises that rely on LinkedIn for talent acquisition, sales prospecting, and brand presence; SaaS vendors whose extensions are being profiled.

Recommended Actions

  • Review LinkedIn’s privacy and data‑handling clauses in vendor contracts.
  • Advise employees to use privacy‑focused browsers or extensions that block third‑party scripts when accessing LinkedIn.
  • Conduct a risk assessment of any internal processes that depend on LinkedIn‑derived data.
  • Monitor for any follow‑up communications from LinkedIn regarding data usage or policy changes.

Technical Notes — The fingerprinting script loads a randomly‑named JavaScript file that attempts to access resources tied to known Chrome extension IDs, a known detection technique. It also collects hardware and environment metrics via the Navigator and Battery APIs. No CVE is associated; the behavior is a deliberate, undocumented feature. Source: BleepingComputer
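
Detection example — The extension probing described in the Technical Notes is visible from the defender's side as a burst of `chrome-extension://` requests initiated by a normal web page. The sketch below is an added example, not code from the original report or from LinkedIn; the `{ page, url }` record shape, the threshold, the hostnames and the extension IDs are all constructed assumptions.

```javascript
// Added example: flag page origins that probe many distinct Chrome extension IDs.
// The record shape ({ page, url }) is an assumption, e.g. rows exported from a
// browser network log; it is not a format defined by the source article.

// Chrome extension IDs are 32 characters drawn from the letters a-p.
const EXT_URL = /^chrome-extension:\/\/([a-p]{32})\//;

function findExtensionProbing(records, minDistinctIds = 5) {
  const byOrigin = new Map(); // page origin -> Set of probed extension IDs
  for (const { page, url } of records) {
    const m = EXT_URL.exec(url);
    if (!m) continue; // not an extension resource request
    let pageUrl;
    try {
      pageUrl = new URL(page);
    } catch {
      continue; // skip records with a malformed page URL
    }
    // An extension loading its own resources is not probing.
    if (pageUrl.protocol === "chrome-extension:") continue;
    const origin = pageUrl.origin;
    if (!byOrigin.has(origin)) byOrigin.set(origin, new Set());
    byOrigin.get(origin).add(m[1]);
  }
  return [...byOrigin]
    .filter(([, ids]) => ids.size >= minDistinctIds)
    .map(([origin, ids]) => ({ origin, distinctIds: ids.size }))
    .sort((a, b) => b.distinctIds - a.distinctIds);
}

// Constructed sample: synthetic IDs built from one repeated letter each.
const fakeId = (ch) => ch.repeat(32);
const sample = [
  ..."abcdefgh".split("").map((ch) => ({
    page: "https://social.example/feed",
    url: `chrome-extension://${fakeId(ch)}/icon.png`,
  })),
  { page: "https://social.example/feed", url: "https://cdn.example/app.js" },
  { page: "https://news.example/", url: `chrome-extension://${fakeId("a")}/logo.svg` },
  { page: `chrome-extension://${fakeId("b")}/popup.html`,
    url: `chrome-extension://${fakeId("b")}/popup.js` },
];

console.log(findExtensionProbing(sample));
```

A single extension-resource request from a page can be benign, so the check counts distinct IDs per origin rather than alerting on any one request.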

📰 Original Source
https://www.bleepingcomputer.com/news/security/linkedin-secretely-scans-for-6-000-plus-chrome-extensions-collects-data/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.
