Over 2M jobseekers’ data compromised in SQL injection, XSS attacks

More than 2 million jobseekers' personal data and email addresses have been exfiltrated by the ResumeLooters threat operation following SQL injection and cross-site scripting attacks against at least 65 websites, most of which are in the retail and recruitment sectors in India, Taiwan, and Thailand, reports SecurityWeek. The U.S., Brazil, Japan, Russia, Italy, and the Philippines have also been targeted by the attack campaign, which involved the utilization of open source and penetration testing tools for SQL injections, as well as the compromise of job search websites with XSS scripts in a bid to steal not only individuals' email addresses but also their names, birthdates, phone numbers, and work experience, according to a report from Group-IB. "Aside from the potential exposure of job seekers data (including phone numbers, email addresses, and other personal information), various APT groups could leverage this information for the further targeting of specific individuals," Group-IB said.