Why hacking a job site?

Job sites collect CVs that contain tons of personal data. When you ring your bank, or a credit card company, they will at some stage ask you for your address. They might ask you for your email address as well. Your landline or your mobile number. All that plus tons of the personal data in contained within the CV. That makes a CV database a perfect tool used for phishing attempts. Note that a person looking for a job is not in the best moments of his life, and hence vulnerable. Receiving a call from someone pretending he is a recruiter who just received a really good CV, when you do not have a job, people will answer all kind of questions that enable scammers to gather even more data that is on the original CV submitted.

Jobs sites get hacked often

In fact, job sites are one of the top types of the web sites that are likely to get hacked. The worst part is that job sites do not get hacked ‘for fun’, for some hacker or a hacking team to showcase their hacking skills, and replace the Home Page with some funny (or not so funny!) message, but for a very ‘commercial’ reason. Job sites never end up showing a hackers message instead of the Home Page, but instead only the data – the CV’s are stolen while the site itself keeps attracting the fresh candidates applications with their fresh CV’s. You can look at even right now – it does not say anything on the home page about being hacked at all!

Irish Times has an article today with an interesting question raised in their article of the being hacked:

“The attackers have already been arrested and a file sent to the DPP. If this is the case, when did the breach originally occur and why did it take so long to notify those impacted?”