Recruitment site hack leaks 400,000 email addresses
Hackers take emails and start spamming victims of the Recruit Ireland data breach.
A recruitment site in Ireland has experienced a data breach, leaking around 400,000 email addresses in the process.
Recruit Ireland reported the breach yesterday, saying its website was taken down at around 2pm on Tuesday.
It has reported the incident to Ireland's Data Protection Commissioner and the police.
An investigation into the situation is currently ongoing.
"Indicators so far are that email addresses and names were compromised for spamming purposes," a message on the company Facebook page read.
"If you receive any emails please ignore. We apologise for any inconvenience caused."
Various members of the site have complained about being sent suspicious-looking emails.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Having shut the website down, Recruit Ireland reported late last night that it was up and running again.
"We are satisfied that following a thorough audit of the incident and the website users can now be confident that the full extent of the issues are understood and that their data is secure," a statement from the firm read.
Brian Honan of BH Consulting, who worked closely with the recruitment firm on auditing the site, said the issue of how the website was compromised had been dealt with.
"Additional measures have also been implemented to enhance the security of the website and we will continue to work with RecruitIreland.com to assure the security of the system," Honan added.
"Extensive testing of the website for any security weaknesses has also been conducted and the security of the website is in line with industry recognised standards."
Graham Cluley, senior technology consultant at Sophos, said it was a "ghastly situation" for the recruitment firm.
"Questions will no doubt be asked as to why the sensitive information was not held securely (was encryption being used?) and how it was possible for hackers to steal such valuable data," Cluley added in a blog.
"It isn't much consolation to the Irish workers who have had their details exposed in this hack, but this isn't the first time that cyber criminals have targeted recruitment websites."
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.