A New Jersey talent firm posted thousands of resumes detailing immigration status and security clearances.

- Advertisement -


A New Jersey talent firm has exposed the resumes and personal information of at least 30,000 potential workers, leaving the database online without a password.

- Advertisement -

The database is owned by Voto Consulting, a North Brunswick company that finds jobs in the US primarily for Indian IT professionals.

- Advertisement -

It is not known exactly how long the database was exposed, but it was first indexed by Shodan, a search engine for insecure devices and databases, on May 10th. The database was discovered by Anand Prakash, security researcher and founder of PingSafe AI. who provided details of the TechCrunch database.

But because the database was available on the Internet without a password, anyone could search the database from a web browser.

- Advertisement -

The database contained candidates’ names, email addresses, and resumes, many of which contained detailed work histories, as well as other personal information such as home addresses, phone numbers, and dates of birth. In many cases, resumes also disclosed the applicants’ immigration status, such as whether they had a visa, work permit, or citizenship, as well as information about a person’s security clearance required for certain positions in the US federal government. While security clearance is not necessarily a secret in and of itself, foreign governments long searched use and blackmail those with access to classified data to obtain intelligence information.

On May 11, TechCrunch contacted Voto CEO Linel Fernandez with a link to a public database, but we received no response and the company did not immediately secure the database. (One message sent with an open tracker showed that our email was opened multiple times but ignored.)

After receiving no response, TechCrunch notified New Jersey Cybersecurity and Communications Integration Cella state government agency tasked with sharing cybersecurity information and reporting incidents, which has agreed to notify Voto via email and phone of the database being exposed.

The database has been offline since Tuesday, more than two weeks later. By the time the database was secured, it had more than quintupled in size and contained over 170,000 records in total.

Read more:


Credit: techcrunch.com /

- Advertisement -

Stay on top - Get the daily news in your inbox

DMCA / Correction Notice

Recent Articles

Related Stories

Stay on top - Get the daily news in your inbox