In a recent discovery, Cybernews researchers have uncovered a massive data leak exposing nearly 26 million resumes stored by TalentHook, a cloud-based applicant tracking system widely used by HR departments to connect with job seekers.
TalentHook is a platform facilitating recruitment processes for many organizations. A misconfigured Azure Blob storage container belonging to TalentHook left millions of sensitive files publicly accessible to anyone with the right URL.
The exposed data primarily consists of CVs from job seekers—mostly based in the United States—containing detailed personal information such as:
- Names
- Home & Email addresses
- Phone numbers
- Education & Employment history
Such details create a high risk for those affected, making them vulnerable to identity theft, fraud, and sophisticated phishing campaigns.
With so much data available, attackers can use it to carry out targeted phishing attacks through email and SMS, impersonating legitimate recruiters or employers. These scams may involve fraudulent job offers, requests for sensitive personal documents, or even demands for payments under false pretenses such as background checks or training fees. The exposure of home addresses and phone numbers also increases the risk of doxxing, potentially leading to harassment or intimidation of victims.
Cybernews researchers have contacted TalentHook about remediation steps, including restricting public access to its cloud storage, updating permission settings to allow only authorized users, and enabling server-side encryption to secure data at rest.
For job seekers, it’s a reminder to stay vigilant against suspicious communications and verify any job-related requests through official channels.
Cloud security is critical, especially for platforms handling sensitive personal data at scale. As more companies rely on cloud storage solutions like Microsoft Azure, proper configuration and continuous monitoring are essential to prevent such costly data exposures.
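To make the configuration check concrete, here is an added example (not from Cybernews or TalentHook) of a Python audit that flags anonymous access on Azure Blob containers. The inventory is constructed sample data modelled on Azure CLI JSON output; the account names, the combined inventory layout, and the severity labels are assumptions.

```python
import json

# Constructed sample: account entries shaped like `az storage account list`,
# container entries like `az storage container list` (all names are made up).
SAMPLE = json.loads("""{
  "accounts": [
    {"name": "hrprodstore", "allowBlobPublicAccess": true},
    {"name": "hrarchive", "allowBlobPublicAccess": false},
    {"name": "legacyats", "allowBlobPublicAccess": null}],
  "containers": {
    "hrprodstore": [
      {"name": "resumes", "properties": {"publicAccess": "container"}},
      {"name": "logos", "properties": {"publicAccess": "blob"}},
      {"name": "exports", "properties": {"publicAccess": null}}],
    "hrarchive": [{"name": "resumes-2019", "properties": {"publicAccess": "container"}}],
    "legacyats": [{"name": "uploads", "properties": {"publicAccess": null}}]}
}""")

def audit(inventory):
    """Return (account, container, severity, reason) tuples, worst first."""
    findings = []
    for acct in inventory["accounts"]:
        name = acct["name"]
        # Only an explicit false blocks anonymous access account-wide;
        # a missing or null value is treated as "not disabled" (assumption).
        account_allows = acct.get("allowBlobPublicAccess") is not False
        if account_allows:
            findings.append((name, "*", "MEDIUM", "account does not disable anonymous blob access"))
        for c in inventory["containers"].get(name, []):
            level = ((c.get("properties") or {}).get("publicAccess") or "none").lower()
            if level in ("none", "off"):
                continue  # private container
            if not account_allows:
                findings.append((name, c["name"], "LOW", f"'{level}' ACL set but overridden by account setting"))
            elif level == "container":
                findings.append((name, c["name"], "CRITICAL", "anonymous list and read of every blob"))
            else:
                findings.append((name, c["name"], "HIGH", "anonymous read of any blob whose URL is known"))
    order = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3}
    return sorted(findings, key=lambda f: order[f[2]])

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep=" | ")
```

Running a check like this on a schedule against a fresh inventory export is one way to get the continuous monitoring described above.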
Learn more and stay updated on Cybernews’ official post here.