Personal data on 202 million Chinese job-seekers left exposed on insecure database
Resume information about more than 200 million Chinese job-seekers was exposed on an insecure database accessed in December by a researcher from Hacken, a cybersecurity company. Bob Diachenko, director of cyber risk research at Hacken.io and the bug bounty platform HackenProof, announced Thursday that he found a 854 gigabyte MongoDB database containing 202,730,434 records about job candidates from China. The files contained candidates’ skills and work experience, as well as their mobile phone number, email address, marriage status, political leanings, height, weight, driver’s license information and salary expectations, among other personal data. Not every field was filled-in for each individual, Diachenko said. The database did not require visitors to enter a username or password to access the information, Diachenko wrote. While the owner of the database remains unclear, Diachenko explained that the information appears to have originated from a tool used to scrape data from the websites of Chinese classifieds. […]
The post Personal data on 202 million Chinese job-seekers left exposed on insecure database appeared first on CyberScoop.
Continue reading Personal data on 202 million Chinese job-seekers left exposed on insecure database