Sunday, May 24, 2020

Be careful with job applications over the internet! Indian job seekers data is being downloaded by threat actors worldwide.

The trove of Indian job seekers data is being downloaded by threat actors worldwide.
India has a huge job market and the same goes for those seeking jobs. Now, hackers have taken advantage of the opportunity and leaked a treasure trove of data belong to millions of Indian job seekers.
The data was identified by Cyble, a cyber threat intelligence company, and noted personal details of around 29 million job-seeking Indians from different states dumped on the dark web and hacker forms for anyone to download.
Screenshot of the leaked data (Image: Cyble)

The original leak, according to Cyble, appears to be from a resume (CV) aggregator service that collects data from different job portals in India.
In its official press release , Cyble stated that a threat actor has posted approximately 2.3 GB of data in a zipped file on a hacking forum operating on the dark web, and this particular file belongs to the resume aggregator service.
According to the company, the data contains sensitive data of Indian job seekers including personal details like educational qualification, email IDs, phone numbers, work experience, and home address, etc. Here are some of the screenshots acquired from the leaked data:

Threat actors playing around Indian data is nothing new. In October 2019, more than 1.3 million credit and debit cards were dumped online. The data almost entirely (98%) belonged to Indian banking customers while the rest of the data belongs to banks in Columbia.
In February 2020, hackers were offering more than 461,976 payment card records stolen from some of the largest banks in India. Each card was being sold for just $9.

As for the current story, the incident is developing news and an in-depth investigation of the matter is ongoing. This article will be updated with new information. 

No comments:

Post a Comment