Data breaches and hacking attempts seem to have become commonplace. We now have news of yet another data breach that has left millions of customers’ data exposed to hackers. This time, the target is a popular job application and HR portal ‘PageUp’. As announced on its website, PageUp confirmed a data breach has taken place as it has noticed unusual activity on its IT infrastructure.
PageUp Suspects Data Breach
Numerous job seekers, who were likely already stressed due to trying to find a job, are now even more upset as they suspect their details may have been leaked to hackers. The company first noted the unauthorized activity on May 23, 2018, after which it started forensic investigations. On May 28, 2018, the investigations revealed that potentially user data had been compromised.
Karen Cariss, Co-Founder and CEO of the firm, found it appropriate to alert their users about the suspected breach.
“As part of our commitment to keeping our global community of users and partners informed, we wish to advise you of unauthorized activity discovered on the PageUp system.”
It was then confirmed that the breach happened after a malware attack, which was then eradicated from the system. The officials now confirm that their system is completely safe from such malicious activities.
“The source of the incident was malware infection. The malware has been eradicated from our systems,” states PageUp. “We see no further signs of malicious or unauthorized activity and are confident in this assessment.”
The good news is that the exposed data does not contain any sensitive information. Although the leaked data may include names and contact information, it will only have an encrypted version of user-names and passwords of PageUp customers. As stated in their announcement,
“All client user and candidate passwords in our database are hashed using bcrypt and salted, however, we suggest users change their password.”
PageUp Confirms Informing Security Agencies
Although they have not clearly explained the technicalities associated with this breach, PageUp officials have duly informed the Australian Cyber Security Centre (ACSC) and the UK Information Commissioner’s Office (ICO) about the incident. They are also in contact with other security agencies in this regard.
PageUp has also developed a set of FAQs keeping in the view the possible queries of the customers. Furthermore, anyone having additional concerns can also contact them via their email address.
Let us know your thoughts in the comments below.
