Job searching platform exposes personal information of 1.6 million employers and job seekers

• The database included phone numbers and emails of CISOs, CEOs, and government officials including the CTO of the Australian government and the FBI Domestic Security Alliance Council member.
• The database also included encrypted passwords of over 50,000 user records.

Researchers from SafetyDetective have uncovered an unprotected database belonging to Talanton, a new job posting and searching platform based in India. The leaky database has been exposed between May 17, 2019, and June 15, 2019.

What information was exposed?

The leaky database has exposed the personal information of almost 1.6 million employers and job seekers from the USA, India, Israel, UK, France, multiple additional European countries, Australia, UAE, Singapore, and Hong Kong.

• The database included phone numbers and emails of CISOs, CEOs, and government officials including the CTO of the Australian government and the FBI Domestic Security Alliance Council member.
• The database also included the job seekers’ personal details such as phone numbers, email addresses, gender, nationality, residential addresses, designations, current employers, salary expectations, and job seeking status.
• The database also included encrypted passwords of over 50,000 user records.
• The leaky database also included the details of Tommy Hilfiger Japan CEO, Tom Chu.

The response

Safety Detective notified the leaky database to the owner of the database, however, received no response.

Anurag Sen, the security researcher who discovered the leaky database, indicated that it was hosted by Tata Communications. However, Tata Communications stated that it does not host the database.

Correction, June 28: This story has been updated to reflect that the Talanton AI database isn't hosted by Tata Communications.