Rankwinz

LinkedIn email addresses exposed by plug-in software

The email addresses of LinkedIn users can easily be exposed via a web browser add-on tool, it has been revealed.

Sell Hack is available as a free extension to the Chrome browser that, once installed, will pop up a "hack in" button on LinkedIn profiles.

Users can then find the email address associated with the account even if they are not connected. LinkedIn said it was taking legal action over the plug-in and advised users to uninstall it.

Since receiving a cease and desist letter from LinkedIn, SellHack has disabled the plug-in. "We are building a better product that does not conflict with LinkedIn's terms of service," it said on its blog. Previously it had insisted that the tool was created for marketing professionals and that all data is publicly available.

On its website it said: "We just do the heavy lifting and complicated computing to save you time, We aren't doing anything malicious to LinkedIn." But the social network for professionals did not agree. "We are doing everything we can to shut Sell Hack down. On 31 March LinkedIn's legal team delivered Sell Hack a cease-and-desist letter as a result of several violations," a spokesman told the BBC. "LinkedIn members who downloaded Sell Hack should uninstall it immediately and contact Sell Hack requesting that their data be deleted." He said that members should "use caution" before downloading any third-party extension or app.

"Often times, as with the Sell Hack case, extensions can upload your private LinkedIn information without your explicit consent," he said.