I am sure everyone knows what LinkedIn is, but I guess no one knows that LinkedIn can even Hack your profile. I know this looks bizarre but it is not, after you will read my experience which can be a nightmare for many High Profile people on LinkedIn.
It was 9th April 2010 1451 IST when I received a mail from LinkedIn in my Inbox, subject was “Reset Your LinkedIn Password“. This was the first shock of the day. I read the mail :
Mail was a shock but then I thought might be someone would have tried accessing my account and used forgot password at LinkedIn. I kept myself calm and got back to work ignoring mail, but it was just a start and after a while I saw two three mails in my mail box sent by me through LinkedIn. I just couldn’t understand how this happened but the mails were funny actually…… Those mails were in reply to few mails from my Inbox. Let me share those humorous mails for you :
1. Mail replied to a HR Consultancy
2. Mail replied to a Financial Consultancy
3. Mail replied to my friend Nishant
By this time I was out of my mind and couldn’t understand whats going on I went to see my Profile. LinkedIn’s functionality to browse profile if last login cookie is saved on browser allowed me to access my profile without even getting a prompt to Login. The Profile was even more bizarre to see………
This was not enough to digest, then someone suddenly said what have you tweet on twitter. The 1st which got in my mind was “Here goes my twitter also, who the bloody hell is he?”. I got scared about my mailbox and then I started changing Passwords of all my accounts in social world and mailboxes. But later I saw the twitter tweet was from LinkedIn as my twitter account was attached to LinkedIn.
This all was not enough and I got another mail from the Hacker…..
Actually he is true in his mail, his email address got mapped to my profile. He gave me one more similar message on my profile where he added my present position as “JOBLESS” hahahha…. I must say thank god that person was a nice guy else don’t Know what someone else might have done with my profile.
Can anyone make out what exactly would had happened with my profile?
LinkedIn allows a person to have any number of email address attached to their profile and can login using any of those email address with same password. Now, Mahesh Naik’s email address got automatically mapped to my profile “A big bug of LinkedIn application”. So when Mahesh tried to login, his password was not accepted by LinkedIn and he tried forgot password functionality. As my email address was primary email address the link to reset password also came in my Inbox and even in his mail box as he provided his email address at forgot password area. He reset the password thinking that it was his profile but unfortunately it was my profile. This is how LinkedIn hacked my LinkedIn profile. The first this I did then was to remove his email address attached to my profile from email address section under settings.
I am thankful to Mahesh as he informed me and didn’t do anything destructive with my profile. But just imagine if my profile would have got mapped to someone else and person would have used profile with destructive mindset. I hope you understand what all can be done with anyone’s profile in hand.
Beware when a mail in your Inbox comes to reset password from any web portal.
I am sure you all must be now curious to know who this Mahesh actual is so here goes something about Mahesh Naik……
He is in board of Aftek India Pvt. Ltd.
Thanks Mahesh 🙂