Sell Hack, the controversial browser extension that promised to reveal LinkedIn users’ private email addresses has been shut down by its makers (at least temporarily) after they received a cease & desist order from the business networking site.
If you recall, the plugin – which was available for Safari, Firefox and Chrome – added a “Hack In” button to LinkedIn profiles, which – when pressed – would sometimes display email addresses for contacting an individual.
Although there was some confusion in initial media reports, it has become clear that Sell Hack did not actually hack LinkedIn profiles to reveal the email addresses associated with them, but instead made use of publicly available information on the net combined with “best guesses” to determine the likely contact details for an individual.
As LinkedIn spokesperson Krista Canfield told me, “no LinkedIn data has been compromised and Sell Hack is not the result of a security breach, bug or vulnerability.”
But now, Sell Hack has responded to the furore, with an update on its blog entitled “The last 24 hours…”:
We learned a lot in the last 24 hours which calls for a more analytical retrospect. For the sake of this post I’m going to stick to bullets as there is a lot to communicate and we had more signups today than in our first 60 days combined!
– We received a C&D letter from LinkedIn on 3/31.
– This is not an April Fools hoax.
– SellHack plugin no longer works on LinkedIn pages.
– We only processed publicly visible data from LinkedIn based on your profile permissions…all of which has been deleted.
– LinkedIn stated: “No member data has been put at risk as a result of Sell Hack.”
– We are building a better product that does not conflict with LinkedIn’s TOS.
– We’ve been described as sneaky, nefarious, no good, not ‘legitimate’ amongst other references by some. We’re not. We’re dads from the midwest who like to build web and mobile products that people use.
– Recently been lauded with love (196x), awesome (87x) , ‘you guys f*cking rock’ (3x) amongst others.
– There are 300+ unanswered emails (and growing) in my inbox asking why the button isn’t working. We’ll get back to you before we sleep. Promise.
– We hit a previously record month for signups in one day!
– You are awesome!
– What else would you like to see since we’re taking a fresh look at things?
– Sell Hack Team
The “dads from the midwest” who make up the Sell Hack Team might do well to be a little more transparent if they release new versions of the tool, and be clearer about what they are doing and what they aren’t doing, if they want to gain the trust of internet users.
It remains to be seen if LinkedIn will ever look kindly on a service which put a “Hack in” button on every one of their over 200 million active user accounts.
I haven’t always been the biggest supporter of LinkedIn when it comes to security and privacy, but to be honest – I really don’t feel as if they have handled this situation badly at all.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.