A threat actor has reportedly put up for sale the database of EmploiPartner.com, a state-approved e-recruitment company based in Algeria. The alleged data breach includes a comprehensive set of records:
653,220 Users (candidates and recruiters):
Data includes: ID, referred_by, domain_id, username, email, enabled status, salt, hashed password, last login, roles, registration date, and other personal information such as social media IDs and policy acceptance.
4,964,818 Job Applications:
Data includes: ID, function_id, partner_id, job details, applicant’s personal information (name, email, phone), application status, and various other fields related to job applications and candidate assessments.
623,952 Resumes (CVs):
Data includes: ID, function_id, candidate’s personal and professional information (title, career level, experience, languages, contact details), and additional metadata about the resumes.
2,661,435 Phone Numbers:
Data includes: ID, entity_id, entity_name, field, value, and validity status.
According to the threat actor, the full database size is 13GB, and they are offering live access to it.
The sale of such a comprehensive and sensitive dataset poses significant risks to the privacy and security of the individuals whose data has been compromised. This incident underscores the critical need for robust cybersecurity measures and strict data protection policies to safeguard personal information against unauthorized access and exploitation.
