Data of 29 million (2.9 crore) Indian job seekers have leaked on the dark web for free, according to cybersecurity intelligence firm, Cyble. The firm said in a blog post that it came across a 2.3 GB zipped file on a hacking forum posted by a threat actor carrying details of the job seekers’ personal data from different states.
Cyble said that it is yet to find the source of the leak, but given the sheer volume and detailed information, it says that the data could have been originated from a resume aggregator. The following image shows that the data carries information of users from different states.
“The original leak appears to be from a resume aggregator service collecting data from various known job portals. Cyble’s team is still investigating this further and will be updating their article as they bring more facts to the surface,” it said.
In the blog post, the cybersecurity firm said that the breach includes sensitive information such as email, phone, home address, qualification, work experience, and more.
Confirming the severity of the data leak, Cyble said, “Cybercriminals are always on the lookout for such personal information to conduct various nefarious activities such as identity thefts, scams, and corporate espionage.”
The cybersecurity firm has acquired the leaked data and indexed the information at Amlbreached.com— Cyble’s data breach monitoring and notification platform. It said that those who are concerned about their information leakage can register at the given URL.
This comes after an independent security researcher discovered a database of 9.1 million Zoomcar users being sold on the dark web. The database included sensitive information like name, email, phone number, IP address, and encrypted passwords.