- Over 200,000 records of jobseekers were left exposed in a database
- The records included sensitive PII that could be used in scams and fraud
- It isn’t known how long the database was left exposed, or who accessed it
Over two million records belonging to Alltech Consulting Services have been discovered by cybersecurity researcher Jeremiah Fowler in a non-password protected database.
Included within the exposed data is the personally identifiable information of over 216,000 job seekers, including names, phone numbers, email addresses, the last four digits of their SSN, passport numbers, and work authorization visa status.
Alltech Consulting Services work with over 1,000 organizations to source employees in the IT and engineering industries.
Tons of data exposed
The database has since had public access removed, but employer details were also contained within the database such as names, company names, email addresses, and phone numbers, along with applicant data including salary expectations, employment history, and if they were willing to relocate for the job.
Considering the general salary weighting for senior IT and engineering roles, many of those who have had their data leaked from the database would be prime targets for cybercriminals looking to extort victims in spear phishing campaigns or commit fraud and identity theft using their details.
The details contained within the database could also be used to target individuals with fake job offers, with Fowler pointing out that $737 million was lost to fake job offers between 2019 and 2023, with fake job scams rising by as much as 110% between 2022 and 2023.
“Although the records indicated the files belonged to Alltech, it is not known if they managed the unencrypted database or if it was managed by a third party,” Fowler also stated in his writeup.
“It is also unknown how long the records were exposed or if anyone else accessed them, as only an internal forensic audit can identify that information.”
The FBI recently released a warning about a series of job offers that scam victims out of cryptocurrency, and web developers have been targeted with malware hidden in Python packages by North Korean hackers.