According to cybersecurity specialists, multiple websites have leaked the personal data of nearly 5 million Russian citizens. This information was corroborated by Ashot Oganesyan, founder and director of data protection systems developer DeviceLock.
“The set of files was leaked yesterday and, according to the type of information contained, we believe that the leak originated in the SuperJob job search portal”, the report mentions. The database, consisting of 4.8 million individual files, was available for download.
Among the data that make up each registration are: full names, user gender, date of birth, email address, city of residence, desired income level, users’ mobile phone company, region and time zone. There is nothing yet confirmed, but members of the cybersecurity community believe that the data breach may have resulted from the exploitation of some un unfixed vulnerabilities on the servers of this platform for job search.
This is not the first incident of its kind reported in SuperJob. In 2017, the platform reported on a data breach that exposed the information of millions of users. In fact, some reports suggest that both incidents involve virtually the same records, so some researchers believe the same database has been leaked in both incidents.
Regarding the risks of this leak, researchers believe that the compromised information could be used by criminal groups to trick people into seeking a job, deploying sophisticated phishing campaigns. It was previously reported that the Network has a database with data allegedly 115 thousand Russians stranded abroad due to coronavirus and returning to Russia.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.