Security researchers have discovered a misconfigured recruitment database that is leaking nearly 26 million files, with security experts warning that this kind of incident is becoming increasingly frequent.

According to a report from Cybernews, TalentHook—an online applicant tracking platform connecting HR departments with job seekers—had left an Azure Blob storage container improperly configured and publicly accessible.

As a result, the resumes of millions of U.S. citizens were exposed, including full names, email addresses, phone numbers, educational backgrounds, professional qualifications, and employment histories.

“The level of personal detail contained in these exposed resumes makes them ideal for highly targeted phishing attacks,” the Cybernews team explained.

"Email addresses and phone numbers can be exploited in phishing emails, SMS scams, or fake job offers designed to trick individuals into disclosing sensitive data such as ID scans or bank information."

Researchers warn that this data could prove valuable to cybercriminals targeting job hunters. In recent months, groups like the North Korean state-backed Lazarus group have specifically focused on jobseekers.

Earlier research this year revealed how the group has been using platforms like LinkedIn or impersonating recruiters via email and WhatsApp to lure victims.

Strengthen storage configuration practices

Tim Mackey, head of software supply chain risk at Black Duck, said this incident highlights the serious risks associated with overlooked misconfigurations and urged businesses to improve their configuration management processes.

"Misconfigured systems, VMs, containers, microservices, and databases are not new issues," he noted.

"For instance, the sample data from this breach shows masked identifiers like email addresses and mobile numbers, suggesting those fields weren't encrypted or that an insecure API may have also contributed to the leak."

Dray Agha, senior manager of security operations at Huntress, supported Mackey’s view, emphasizing that incidents like this are growing more routine.

"Misconfigured cloud storage—like the exposed Azure container in this case—remains a shockingly common and avoidable problem, especially among organizations handling sensitive personal data," said Agha.

"Organizations must carry out regular configuration audits, apply least-privilege access policies, and maintain continuous monitoring to prevent large-scale exposure of personal information."

The Cybernews team stated they have reached out to TalentHook and advised the company to adjust access settings to restrict public access and secure the container, while also updating permissions to ensure only authorized users or services can access the data.

Be sure to follow php.cn on Google News for all our latest updates, expert analysis, and reviews.

The above is the detailed content of 26 million CVs were exposed when a recruiting software firm left a misconfigured Azure container open – cybersecurity experts warn it's an easy mistake that's becoming far too common. For more information, please follow other related articles on the PHP Chinese website!