Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chinese HR Firms Have Leaked Over 590 Million Resumes Via Open Databases (zdnet.com)

Posted by EditorDavid on from the job-openings dept.

An anonymous reader quotes ZDNet: Chinese companies have leaked a whopping 590 million resumes in the first three months of the year, ZDNet has learned from multiple security researchers. Most of the resume leaks have occurred because of poorly secured MongoDB databases and ElasticSearch servers that have been left exposed online without a password, or have ended up online following unexpected firewall errors.

Over the past few months, and especially over the last few weeks, ZDNet has received several tips about exposed servers that --when investigated-- belonged to Chinese HR-focused companies. From tiny firms exposing a handful of CVs to professional executive head-hunting firms, they've all leaked their customers' details, in one form or another... Counting all, we have 590.497 million resumes that have leaked from Chinese companies over the past three months, a worrying sign that Chinese HR companies are not taking the security of their servers seriously. The article points out that the resumes include personal information including phone numbers, home addresses, family and marital status, and in some cases, even ID numbers.

4 of 22 comments (clear)

  1. Meanwhile... by phantomfive · · Score: 3, Interesting

    Meanwhile, Linkedin is known to have exposed employment information for millions of employees around the world. You can see this cache of employment information today, by going to the Linked-in search page.

    --
    "First they came for the slanderers and i said nothing."
    1. Re:Meanwhile... by rtb61 · · Score: 2

      You kind of missed the problem, those kind of details are more than sufficient to open a social media account, to post all kinds of rubbish, that will destroy the affected people, government mandated social media score. Want to see what kind of chaos those two together will bring, just wait a mo, it will happen. Revenge, espionage, the purposeful spreading of chaos, those HR companies have actively threatened and irreversibly damaged China's social media score system. They are in serious shite, they have opened the China up to espionage attacks on that social media score platform. Full panic mode is appropriate for that management.

      --
      Chaos - everything, everywhere, everywhen
  2. We all know what this means. by Gravis+Zero · · Score: 2

    A bunch of Chinese admins are having their social credit score drop.

    --
    Anons need not reply. Questions end with a question mark.
  3. Re: China has HR firms? by Anonymous Coward · · Score: 2, Insightful

    I have yet to encounter an HR organization that treats employees as human.