Home » Samuel Pemsel: Huge data leak on the job platform Jobluck

Samuel Pemsel: Huge data leak on the job platform Jobluck

by admin
Samuel Pemsel: Huge data leak on the job platform Jobluck

CVs, private addresses, salary expectations: A lot of data was open at Jobluck Adobe Stock, Getty Images / matejmo; Collage startup scene

On the job matching platform Jobluck, a large amount of user data was available to third parties for weeks. In addition to real names, email addresses and telephone numbers, this also includes CVs that users have stored there. Gründerszene was informed about this anonymously and viewed this data as an example. We were also able to determine that very personal content such as user pictures, school grades, private addresses, salary expectations and other personal data were accessible to everyone.

No deep technical understanding was necessary to gain access to this data. The data was therefore not extensively “hacked”. Anyone with access to a specific URL had full access to the admin area of ​​the website. Gründerszene informed the founder Samuel Pemsel of Jobluck about the situation on Tuesday, who said he has now fixed the security gap. The Jobluck website, through which the data could previously be accessed, is currently not accessible.

Resumes were stored unencrypted at Jobluck

The PDF files of the individual CVs were saved unencrypted and without password protection and could each be accessed directly via a URL. The CVs were stored on a server of a website builder provider. The source code of the Jobluck website, which has now been taken offline, suggests that other parts of the homepage were also created using the same website builder.

See also  Conte to the CGIL, the bishop of the PIF: the Italian Party of Fancazzisti

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy