Around 250,000 American and British-based job seekers’ personal information has been exposed after Authentic Jobs misconfigured their database.
The exposed information included candidates’ names, addresses, contact information, and work experience.
The company stored the candidates’ profiles in cloud storage folders known as buckets, which were provided by Amazon Web Services (AWS).
It was found that the company set their privacy settings options to public instead of private, which allowed the users to view the details of someone who applied for a job and also downloaded by anyone who knew the location of the buckets.
Source: https://cisomag.com/recruitment-sites-exposes-250000-resumes-online/
"id": "AUT7218423",
"linkid": "authenticjobsinc",
"type": "Data Leak",
"date": "10/2019",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"