Security Affairs reports that major Brazilian recruitment and selection service platform CIEE One was discovered by Resecurity to have had 248,725 records belonging to businesses and trainees exfiltrated and later exposed by the financially motivated underground data broker "888".
CIEE One, which has been offered by the CIEE Business-School Integration Center for organizations looking for internship or apprenticeship candidates, had been infiltrated through the firm's unsecured Google Cloud Storage bucket, according to a report from Resecurity's HUNTER team. While researchers have already notified CIEE and Brazil's Computer Emergency Response Team, data compromise continues to be likely amid the elevated prevalence of exposed buckets, which was noted to be the cause of 41% of cloud breaches. Multiple organizations in the technology, oil and gas, and freight industries, including Microsoft and BMW Hong Kong, have already been targeted by 888, which was found to share techniques with IntelBroker, since 2024.
CIEE One, which has been offered by the CIEE Business-School Integration Center for organizations looking for internship or apprenticeship candidates, had been infiltrated through the firm's unsecured Google Cloud Storage bucket, according to a report from Resecurity's HUNTER team. While researchers have already notified CIEE and Brazil's Computer Emergency Response Team, data compromise continues to be likely amid the elevated prevalence of exposed buckets, which was noted to be the cause of 41% of cloud breaches. Multiple organizations in the technology, oil and gas, and freight industries, including Microsoft and BMW Hong Kong, have already been targeted by 888, which was found to share techniques with IntelBroker, since 2024.
