The personal details of over 29 million Indian jobseekers have been posted to a dark web site, free for anyone to access.
Cybersecurity firm Cyble, which discovered the trove on an unnamed hacking forum, has in turn added the compromised information to its breach notification site AmIBreached.
It claimed to have found the posting during a regular sweep of the dark and deep web. The 2.3GB file includes email, phone, home address, qualification, work experience, current salary, employer and other details on job-hunters from all over India.
“Cyber-criminals are always on the lookout for such personal information to conduct various nefarious activities such as identity thefts, scams and corporate espionage,” said Cyble.
The vendor claimed that the leak had originated from a CV aggregation service which collected the data from legitimate job portal sites. An update over the weekend clarified that the data may have been initially exposed by an unprotected Elasticsearch instance, subsequently made inaccessible.
It continues to investigate these claims.
In the meantime, it spotted another threat actor posting nearly 2000 Aadhar identity cards for free onto a hacking forum. They appear to originate from Madhya Pradesh state.
Also over the weekend, Cyble claimed that three hacking forums have themselves been breached, exposing user details and private chats.
The firm said it had been able to obtain databases related to Sinful Site, SUXX.TO and Nulled.
“All these hacking forums are based on general discussion and sharing of related resources. It is a place where users can find lots of great data leaks, hacking and cracking tools, software, tutorials, and much more. Along with that, over here the users can also take part in active discussions and make new friends,” it explained.
Specifically, the firm now has detailed info on users of SUXX.TO and Nulled, which were dumped on May 20, and private messages from Sinful Site, which were leaked on May 15.