Millions of job applicant records exposed by Foh&Boh

February 7, 2025

Hacking the security. The threat of information leakage and the security of the system. Red open padlock among closed black ones. Close the gap, fix the problem.

(Adobe Stock)

Leading U.S. hiring and onboarding platform Foh&Boh — which counts KFC, Nordstrom, and Omni Hotels & Resorts as its clients — had 5.4 million job applicant records, most of which are resumes and curricula vitae, exposed as a result of a misconfigured AWS bucket, which was only secured in early January despite being identified in September, Cybernews reports.

Included in the leaked records were individuals' names, birthdates, birthplaces, phone numbers, email addresses, nationalities, employment histories, educational backgrounds, and social media links, according to Cybernews researchers, who noted that such information could be exploited in targeted phishing campaigns and malware intrusions. "The leak significantly heightens the risk of identity theft, enabling cybercriminals to create synthetic identities or fraudulent accounts, leaving individuals exposed to a range of sophisticated cyberattacks," said researchers. Organizations have been urged to adopt more restricted access controls, server-side encryption, the AWS Key Management Service, and SSL/TLS protocols to better protect their data from inadvertent exposure.

SC Staff

Encryption

Reported UK-ordered iCloud encryption backdoor slammed

SC StaffFebruary 11, 2025

Implementation of a backdoor that would enable government access to Apple users' cloud storage data could set a precedent for authoritarian nation-states and threat actors, with Electronic Frontier Foundation's Thorin Klosowski noting the threat of a global emergency stemming from the secret order.

Breach

Extensive Israeli police breach alleged by Iran-linked hackers

SC StaffFebruary 11, 2025

Purportedly included in the exfiltrated information were officers' personal details and photos, gun licenses, email addresses, suspects' and criminals' personal data, sex offender employment permit details, and other classified documents, according to Handala, which also alleged the compromise of Israeli Ministry of National Security servers.

Ransomware

Over 120K impacted by Memorial Hospital & Manor ransomware attack

SC StaffFebruary 11, 2025

Infiltration of rural hospital's systems led to the theft of individuals' names, birthdates, Social Security numbers, health insurance details, and medical history and treatment data, said Memorial Hospital & Manor in a filing with the Office of the Maine Attorney General.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Millions of job applicant records exposed by Foh&Boh

Related

Reported UK-ordered iCloud encryption backdoor slammed

Extensive Israeli police breach alleged by Iran-linked hackers

Over 120K impacted by Memorial Hospital & Manor ransomware attack

Related Events

How CISOs Can Build Privacy-First Strategies for Regulatory Compliance

Unlocking the Power of Public Data: Make Your Security Team Faster and More Effective

Microsoft Copilot: How to Minimize Data Security Risks During Adoption

Get daily email updates