A browser extension called Sell Hack adds a "Hack In" button to LinkedIn profiles. Pressing this button allows you to see that person's email address regardless of whether or not you're connected to that person. Sell Hack's website claims its tool will allow users to "find hidden emails and more."
LinkedIn isn't happy about it.
In an email statement to Gigaom, LinkedIn urged its members to "protect themselves" and exercise "caution before downloading any third-party extension or app." The company also said it's doing "everything it can to shut Sell Hack down," and said that Sell Hack isn't the result of a "security breach, bug or vulnerability."
Sell Hack, which was originally spotted by Yahoo Tech, claims that its service is completely legal:
The data we process is all publicly available. We just do the heavy lifting and complicated computing to save you time. We aren't doing anything malicious to the LinkedIn website. We think browser extensions are the best way to personalize an individual's Web experience. We love LinkedIn and are trying to make it better for the community.
The browser extension automatically runs a LinkedIn profile against Sell Hack's "data sources" once you hit the the button. Sell Hack says that it can "often" offer a "validated email address" once it runs the profile against its data sources. The catch, however, is that the tool can watch your activity on LinkedIn and collect information regarding any direct connection whose page you visit while the extension is running, Yahoo reports.
We reached out to Sell Hack and LinkedIn for comment and will update this story accordingly when we hear back.