U.S. small to mid-sized business-oriented recruitment platform HireClick had more than 5.7 million files inadvertently exposed by an unsecured Amazon AWS S3 storage bucket, according to Cybernews.
Most of the leaked files were resumes, which included full names, phone numbers, home addresses, email addresses, and employment information, reported Cybernews researchers, who discovered the unprotected bucket at the end of February. Attackers were noted by researchers to potentially leverage the exposed data to facilitate phishing, smishing, and vishing campaigns involving the impersonation of recruiters and hiring managers to compromise banking details or deploy malware aimed at pilfering their funds, as well as doxxing activities. HireClick has yet to address the misconfigured database. Such a development comes amid the growing prevalence of data exposure incidents impacting job seekers, with leading U.S. hiring and onboarding platform Foh&Boh having millions of applicant records reported to have been leaked in February and major European employment platform beWanted having sensitive information exposed earlier this month.
Most of the leaked files were resumes, which included full names, phone numbers, home addresses, email addresses, and employment information, reported Cybernews researchers, who discovered the unprotected bucket at the end of February. Attackers were noted by researchers to potentially leverage the exposed data to facilitate phishing, smishing, and vishing campaigns involving the impersonation of recruiters and hiring managers to compromise banking details or deploy malware aimed at pilfering their funds, as well as doxxing activities. HireClick has yet to address the misconfigured database. Such a development comes amid the growing prevalence of data exposure incidents impacting job seekers, with leading U.S. hiring and onboarding platform Foh&Boh having millions of applicant records reported to have been leaked in February and major European employment platform beWanted having sensitive information exposed earlier this month.
