•   
  •   

Tech & Science200 million Chinese resumes leak in huge database breach

19:15  11 january  2019
19:15  11 january  2019 Source:   msn.com

Amazon data breach: what to do if you're affected by leak just before Black Friday 2018

Amazon data breach: what to do if you're affected by leak just before Black Friday 2018 Amazon data breach: what to do if you're affected by leak just before Black Friday 2018

A huge MongoDB database containing over 200 million records with resumes from job seekers in China stayed accessible without authentication for at least one "It seems that the data is leaked from a third party who scrapes data from many CV's websites," the site's representatives further added.

This is a list of data breaches , using data compiled from various sources, including press reports, government news releases and mainstream news articles.

200 million Chinese resumes leak in huge database breach © Provided by The Next Web

Last night, HackenProof published a report stating that a database containing resumes of over 200 million job seekers in China was exposed last month. The leaked info included not just the name and working experience of people, but also their mobile phone number, email, marriage status, children, politics, height, weight, driver license, and literacy level as well.

Bob Diachenko, Director of Cyber Risk Research at Hacken.io and bug bounty platform HackenProof, found an unprotected instance of MongoDB containing these resumes on December 28.

Diachenko found the resumes in the open database search engines Shodan and BinaryEdge. The 854GB database didn’t have any password protection and was open to anyone to read.

Apple resumes iPhone X production in face of weak XS sales, report claims

Apple resumes iPhone X production in face of weak XS sales, report claims Turning to the past to meet its OLED quotas

The origin of the data remained unknown until one of my Twitter followers pointed to a GitHub repository (page is no longer available but it is still The tool named “ data -import” (created 3 years ago) seems to have been created to scrape data ( resumes ) from different Chinese classifieds, like

The Internet service company Yahoo! reported two major data breaches of user account data to hackers during the second half of 2016.

200 million Chinese resumes leak in huge database breach © Provided by The Next Web Screenshot of the GitHub[index company=github] repository

Diachenko wasn’t able to identify who generated the database or who owned it, but a now-defunct GitHub code repository featured a code that used an identical data structure to the leaked database. The database contained scraped data from multiple Chinese classified websites like bj.58.com. However, in a blog post, the website’s spokesperson denied the leak:

We have searched all over the database of us and investigated all the other storage, turned out that the sample data is not leaked from us.

It seems that the data is leaked from a third-party who scrape data from many CV websites.

Interestingly, the database was taken down as soon as Diachenko posted about the database on Twitter. Sadly, the MongoDB log showed at least a dozen IP addresses that read the instance before it went off the grid.

In most instances, it’s easy to contact the owner of the database and secure the info. However, in this instance, since there’s no clear owner of the database, it’s dangerous to assume that the leaked data is safe.

You can read the full report here.

West Ham receive huge Arnautovic bid from China.
West Ham have received a huge £35 million offer to sign Marko Arnautovic from an unnamed Chinese Super League club. According to Lee Clayton, the Hammers forward has been offered a big-money contract to leave the London Stadium. Fortunately for West Ham supporters, Clayton explains that the club plan to reject the deal, but it remains to be seen what Arnautovic’s attitude is towards the move. Arnautovic has been heavily linked with a move away from West Ham, with the likes of Manchester United and Chelsea recently linked with the player.

—   Share news in the SOC. Networks

Topical videos:

This is interesting!