LinkedIn's AutoFill feature and a cross-site scripting vulnerability may have allowed external sites to stealthily harvest private user data, such as email addresses, phone numbers and work history.
See the full content LinkedIn bug allowed private data to be stolen from profiles