A New Jersey talent company has leaked the resumes and personal data of at least 30,000 prospective employees, leaving a password-free database online.
The database is owned by Voto Consulting, a North Brunswick company that hires mostly Indian IT professionals in the United States.
It is not known exactly how long the database was discovered, but it was first indexed by Shodan on May 10 when it was launched by the Database Search Engine. The database was discovered by security researcher ing PandSafe AI founder Anand Prakash. who provided the details of the database to TechCrunch.
But because the database was accessible to the Internet without a password, it was possible for anyone to search the database from a web browser.
The database contained names, e. Addresses և Candidate resumes, many of which contained detailed work histories, as well as other personal information such as home addresses, telephone numbers, and dates of birth. In many cases, resumes also revealed candidates’s immigrant status, such as if they had a visa, work permit, or citizenship, as well as details of the security clearances required for certain US government jobs. While having a security clearance may not be a secret in itself, foreign governments have done so long sought after exploit և blackmail those who have a security clearance for intelligence purposes.
On May 11, TechCrunch contacted Voto CEO Linel Fernandez, citing the leaked database, but we did not hear a response, nor did the company immediately protect the database. (An open-ended message indicates that our email has been opened several times but has been ignored).
After hearing no response, TechCrunch reported New Jersey Cyber Security և Communication Integration CellA state government agency tasked with sharing cyber security information, reporting incidents, and agreeing to e-mail Voto to report the leaked database by telephone.
The database has been offline since Tuesday, more than two weeks later. By the time the database was backed up, it had grown more than fivefold to more than 170,000 records.