Over 26 million resumes exposed in top CV maker data breach - here's what we know

4 hours ago 1

(Image credit: Shutterstock)

Cybernews finds huge databse full of resumes and CVs
It belongs to TalentHook
The database apparently remains open to this day

Security researchers have discovered another large unprotected database which was leaking sensitive information to the general public.

Analysts fromCybernews found a misconfigured Azure Blob storage container available to anyone who knew where to look.

The archive contained almost 26 million files, and it was later determined that most of the files were resumes and CVs belonging to US citizens, including people’s full names, email addresses, phone numbers, education details, professional details, and employment history.

TalentHook in trouble

While it might not sound like much, the cache is a treasure trove for cybercriminals. Knowing these people are actively seeking new job opportunities, they can create fully customized, highly relevant phishing emails, successfully tricking people into downloading malware or sharing login credentials.

For example, the North Korean state-sponsored group Lazarus often targets job seekers on LinkedIn and elsewhere, sharing fake job description files which are nothing more than malware.

In some instances, they would have the victim jump through multiple job interview hoops, before asking for “trial work” which includes downloading malicious code.

Cybernews later determined that the archive belonged to TalentHook, a cloud-based applicant tracking system that connects HR departments with individuals seeking work.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Usually, when the researchers find unprotected databases such as this one, they notify the owners and get it locked down fast. However, in this instance, there was no confirmation that TalentHook actually barred access.

Instead, the Cybernews team shared advice with TalentHook, inviting the team to “change access controls to restrict public access and secure the container”. Therefore, it’s safe to assume that the database remains unlocked and available for all to find. The researchers also did not mention if someone found it already, but this is always a strong possibility.

At press time, there was no evidence of the data already being found and abused in the wild.

Over 16 billion records leaked in "unimaginable" major data breach – here's what we know
Take a look at our guide to the best authenticator app
We've rounded up the best password managers

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read Entire Article