Security expert discovered an unprotected Elasticsearch database exposed online that was containing approximately 33 million job profiles in China.
Security expert Sanyam Jain at GDI Foundation has discovered an unprotected database exposed online that was containing approximately 33 million profiles for people in China who provided their resume to job recruitment sites.
The expert discovered the Elasticsearch database using the Shodan search engine, the 57GB archive included a username, gender, age, current city, home address, email address, phone number, marriage status, job history, education history, and salary history.
Jain discovering the ElasticSearch database on March 10th, 2019, but he was able to discover who was the owner of the archive.
The analysis of the archive allowed the expert to discover references to multiple Chinese job recruitment sites such as 51Jobs, lagou, and Zhilian.
“During the initial investigation what I have found is that the customer profiles for the companies 51Jobs, lagou, and Zhilian recruitment are being stored in the database. I believe that a third-party is aggregating the information from these companies and using them in some way.” Jain told to BleepingComputer.
The availability of this data potentially exposed people to several malicious activities such as scams and identity theft. The knowledge of the salary for so many people could be used by businesses to hire employees from their original companies.
Jain reported his findings to CNCERT, the China Cyber emergency response team, on March 11, 2019. The CNCERT told the expert it had identified the owner of the IP address as “北京机到网络科技有限公司” and that he contacted him to take the database offline.
The Elasticsearch database was shutdown on March 13, 2019.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.