Michael Page, a global recruitment firm, has reported a data leak of job-related information that included names, email addresses, encrypted passwords, cover letters, and job history of the firm’s 780,000 employment candidates. It is being said that Capgemini, the company that Michael Page contracts their IT services to, inadvertently made a Michael Page server public.
The leak was brought to attention to Michael Page by a security researcher Troy Hunt, and thus, Michael Page believes the leaked MySQL data dump is unlikely to have been misused. However, the files could have been accessed by anyone interested in the data and knew what to look for.
References: The Capgemini Leak of Michael Page Data via Publicly Facing Database Backup | Capgemini Leaks Data of Recruitment Firm PageGroup | Over 780k Email Addresses Reportedly Exposed in Capgemini Leak of Michael Page Data
Several U.S. political think tanks and non-government organizations (NGOs) have been targets of a sophisticated phishing campaign. The group that’s believed to be responsible is the Russian hacking group, Cozy Bear. The phishing emails are crafted to provide documents that reveal the flaws of American elections sent by Clinton Foundation staffers, Gmail accounts, and from compromised Harvard.edu email addresses. The messages are intended to fool victims into opening the download links and attachments to install malware. Once the malware has successfully installed, it can examine and control the system that’s been infected and download additional malicious files to bypass antivirus protection.
References: Russian Hackers Launch Targeted Cyberattacks Hours After Trump’s Win | Suspected Russian Hackers Target U.S. Think Tanks After Election | Russian Hackers Target Think Tanks In Post-Election Attacks
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.