An anonymous reader quotes ZDNet:
Chinese companies have leaked a whopping 590 million resumes in the first three months of the year, ZDNet has learned from multiple security researchers. Most of the resume leaks have occurred because of poorly secured MongoDB databases and ElasticSearch servers that have been left exposed online without a password, or have ended up online following unexpected firewall errors.
Over the past few months, and especially over the last few weeks, ZDNet has received several tips about exposed servers that –when investigated– belonged to Chinese HR-focused companies. From tiny firms exposing a handful of CVs to professional executive head-hunting firms, they’ve all leaked their customers’ details, in one form or another… Counting all, we have 590.497 million resumes that have leaked from Chinese companies over the past three months, a worrying sign that Chinese HR companies are not taking the security of their servers seriously.
The article points out that the resumes include personal information including phone numbers, home addresses, family and marital status, and in some cases, even ID numbers.
of this story at Slashdot.
Source:: Slashdot