Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data


The Asia-Pacific region is targeted by a hacking group named ResumeLooters, exploiting job boards through SQL injection attacks, compromising 65 websites between November and December 2023. The threat actor steals resumes and personal data, with 2.1 million records, including email addresses, and sells the information on Telegram channels, employing tools like sqlmap and Metasploit. The campaign, financially motivated, reveals the persistence of SQL attacks and highlights the importance of robust cybersecurity measures for job search platforms.

Read More…