Foh&Boh, Nordstrom, Hyatt Grand and Omni Hotels & Resorts: Hiring platform serves users raw with 5.4 million CVs exposed

Hiring Platform Foh&Boh Exposes 5.4 Million Job Seekers’ Resumes in Unsecured AWS Bucket

A major data exposure incident has left the personal details of millions of job seekers vulnerable after U.S.-based hiring platform Foh&Boh accidentally left unsecured an AWS S3 bucket containing 5.4 million files, primarily CVs and resumes. The breach, discovered by the Cybernews research team, exposed sensitive applicant information including work history, contact details, and personal identifiers, making individuals susceptible to targeted phishing, identity theft, and financial fraud.

Foh&Boh, which serves high-profile clients such as Taco Bell, KFC, Nordstrom, Omni Hotels & Resorts, and Hyatt Grand, failed to restrict public access to the storage bucket. While the dataset was later secured following multiple contact attempts by researchers, the exposure raises concerns about unauthorized access by malicious actors. Attackers could exploit the leaked data to craft highly personalized phishing emails, impersonate past employers, or launch scams targeting financially vulnerable individuals.

The breach also heightens risks of identity theft, with cybercriminals potentially using the stolen details to open fraudulent bank accounts or apply for credit under victims’ names. Researchers warned that the incident could lead to synthetic identity fraud, where attackers combine real and fabricated information to create new, fraudulent identities.

This follows another recent breach involving Luxshare, a key Apple supplier, where a ransomware cartel allegedly stole confidential data from Apple, Nvidia, and LG, threatening to leak it unless demands were met. The Foh&Boh incident underscores the persistent risks of misconfigured cloud storage, a common yet preventable security failure.

No official statement from Foh&Boh has been released at this time.

Source: https://cybernews.com/security/foh-boh-hiring-platform-exposed-millions-resumes/

Foh&Boh TPRM report: https://www.rankiteo.com/company/foh-boh

Nordstrom TPRM report: https://www.rankiteo.com/company/nordstrom

Hyatt Grand TPRM report: https://www.rankiteo.com/company/hyatt

Omni Hotels & Resorts TPRM report: https://www.rankiteo.com/company/omni-hotels

"id": "fohnorhyaomn1769001286",
"linkid": "foh-boh, nordstrom, hyatt, omni-hotels",
"type": "Breach",
"date": "2/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '5.4 million job seekers',
                        'industry': 'Recruitment/Human Resources',
                        'location': 'U.S.',
                        'name': 'Foh&Boh',
                        'type': 'Hiring Platform'}],
 'attack_vector': 'Misconfigured AWS S3 bucket',
 'data_breach': {'file_types_exposed': ['PDF', 'DOC', 'DOCX'],
                 'number_of_records_exposed': '5.4 million files',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['CVs',
                                              'Resumes',
                                              'Work history',
                                              'Contact details',
                                              'Personal identifiers']},
 'description': 'A major data exposure incident has left the personal details '
                'of millions of job seekers vulnerable after U.S.-based hiring '
                'platform Foh&Boh accidentally left an AWS S3 bucket '
                'unsecured, containing 5.4 million files, primarily CVs and '
                'resumes. The breach exposed sensitive applicant information '
                'including work history, contact details, and personal '
                'identifiers, making individuals susceptible to targeted '
                'phishing, identity theft, and financial fraud.',
 'impact': {'brand_reputation_impact': 'Yes',
            'data_compromised': '5.4 million files (CVs and resumes)',
            'identity_theft_risk': 'Yes',
            'systems_affected': 'AWS S3 bucket'},
 'lessons_learned': 'Persistent risks of misconfigured cloud storage and '
                    'preventable security failures.',
 'post_incident_analysis': {'root_causes': 'Misconfigured AWS S3 bucket'},
 'references': [{'source': 'Cybernews'}],
 'response': {'containment_measures': 'AWS S3 bucket secured after discovery',
              'third_party_assistance': 'Cybernews research team'},
 'title': 'Hiring Platform Foh&Boh Exposes 5.4 Million Job Seekers’ Resumes in '
          'Unsecured AWS Bucket',
 'type': 'Data Exposure',
 'vulnerability_exploited': 'Unsecured cloud storage'}