Leading U.S. recruiter for high-end work, Ladders, has recently confirmed that the data of nearly 14 million users were exposed in the midst of a security oversight.
The New York-based company left an Amazon-hosted Elasticsearch database exposed without a password, allowing anyone to access the data. Sanyam Jain, a security researcher and a member of the GDI Foundation, a nonprofit aimed at securing exposed or leaking data, found the database and reported the findings to TechCrunch in an effort to secure the data.
Within an hour of TechCrunch reaching out, Ladders had pulled the database offline.
Marc Cenedella, CEO, confirmed the exposure in a brief statement. “AWS confirms that our AWS Managed Elastic Search is secure, and is only accessible by Ladders employees at indicated IP addresses. We will look into this potential theft, and would appreciate your assistance in doing so,” he said.
TechCrunch verified the data by reaching out to more than a dozen users of the site. Several confirmed their data matched their Ladders profile. One user who responded said they are “not using the site anymore” following the breach.
Read more here.
Join us in Miami Beach, June 5-7 for the Global Online Marketplaces Summit.
Recruitment, coaching and outplacement firm, CMP, is providing over a thousand people free access to their career portal to make...
Read More
COVID-19 has had one major impact on HRtech: artificial intelligence has found its time to truly shine. Sahiqa Bennett, Co-founder...
Read More
Employment numbers have been in near free-fall since the coronavirus pandemic, and hardly any industry can hide from it. But...
Read More
