The issue is with part of ZipRecruiter’s site that enables a business with authorization to access the CV database to contact the person seeking a job. After an employer gets online and accesses a resume, they can decide to shortlist some of the candidates when they are provided with a candidate form. The problem is that unauthorized users are able to access the form while not having access to the CV database. “On October 5th, we discovered that certain employer user accounts that were not intended to have access to the CV Database were able to obtain access to information including the first name, last name and email addresses of some job seekers who had submitted their CVs to our CV database,” said ZipRecruiter in a statement. Thankfully enough no financial data or login credentials were accessed in this breach and ZipRecruiter was able to fix the bug within 90 minutes.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security