Connect with us

Editors' Pick

57GB Of Chinese Employment Data From Job Recruitment Websites Leaked

Published

on

57GB of Employee and Resume leaked online

A new set of problematic databases was discovered to have been accessible and unprotected. The database includes private information of more than 33 million employment profiles, history, and data. Experts are worried since these sensitive data are open for scammers, phishers, and identity thieves to target.

The said database was discovered by Sanyam Jain, a security researcher from GDI.Foundation, using the Shodan search engine. GDI.Foundation is a non-profit organization that has disclosed thousands of unprotected database and data leaks since its foundation. The same organization disclosed the existence of the ‘BreedReady’ database last week.

It appears that the database included more than 57GB of information and profiles in China who uploaded their resume and employment history to job recruitment websites. It contains data such as the job seeker’s username, gender, age, current city, home address, email address, phone number, marriage status, job history, education history, and salary history. Below is an example of what the database looks like.

The database was discovered last March 10th, 2019 and Jain said that he tried to determine and identify the owner of the database to warn them that the data was leaked and to help them secure it. According to Jain, he was not able to determine the owners of the said database, but he was able to see references to multiple Chinese job recruitment companies such as 51Jobs, Lagou, and Zhilian.

“During the initial investigation, what I have found is that the customer profiles for the companies 51Jobs, Lagou, and Zhilian recruitment are being stored in the database. I believe that a third party is aggregating the information from these companies and using them in some way,” Jian said.

With the massive amount of information being stored in the said job profile database, cybercriminals, or anyone for that matter, can use the data to launch cyber attacks, phishing attacks, and identity theft. Furthermore, companies can also use the said data to pirate employees from other companies by leveraging their knowledge of their salary and employment history.

Ultimately, Jian was able to trace the database to an owner in China and have reached out to CNCERT, the China Cyber emergency response team, on March 11 to help him close down the problematic database. On March 13, 2019, he was notified that the database had been closed down.

Until now, it is still unclear how the data was being used amidst the identification of who owns it. In a tweet that Jain posted, he said that people should be cautious about uploading their profiles online.

“Now, uploading profiles online is also not secure. It’s very well said: don’t trust anybody. As when a person gives his profile, he tries to give every small possible detail about him which is now accessed by anyone and can be modified,” Jian wrote.

“I don’t understand how the companies can put up all these online. My advice: please do hire cybersecurity experts, you really needed it.”

CHINA’S CYBERSECURITY PROBLEM

Late last week, Z6 Mag reported about the discovery of a Chinese database that included the data of more than 1.8 million Chinese women including their names, addresses, phone numbers, and interestingly, their “BreedReady” status.

According to Victor Gevers, the cybersecurity expert who discovered the said database, it contains information that is similar to other vulnerable databases that he and his team has uncovered in the past. The discovery of the said database is suggesting that there are other databases from Chinese companies that are vulnerable and unprotected.

While organizations like GDI.Foundation is uncovering these databases and reporting them as they discover them, it is still unsafe for Chinese people when these data go out in public. It’s very indicative of the poor cyber security protocol that exists in the country as someone from the United States can retrieve those data; anyone with adept knowledge in database search can do so too.

Yesterday, Gevers also discovered two more databases that appear to have similar code scheme as the ‘BreedReady’ database. He postulates that the three databases he recently uncovered were all related to each other and that he was able to trace the two new databases to a university in China. He said that these databases could be a student project that was left unprotected. /apr

A consumer tech and cybersecurity journalist who does content marketing while daydreaming about having unlimited coffee for life and getting a pet llama.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Editors' Pick

AMCA Breach: 20 Million Victims, 19 Class Actions

AMCA previously reported that there were only 200,000 victims in the recent breach, but their partner labs said there were more than 20 million. Click To Tweet

Published

on

AMCA previously reported that there were only 200,000 victims in the recent breach but the company, but their partner labs said there were more than 20 million.
AMCA previously reported that there were only 200,000 victims in the recent breach but the company, but their partner labs said there were more than 20 million. Photo: cbgrfx123 | Flickr | CC BY-SA 2.0

More than 20 million and not 200,000 have fallen victim to a massive data breach that has seen medical clients using the services of healthcare billing company, American Medical Collection Agency (AMCA), to pay for their laboratory tests in different blood testing labs across the U.S. were confirmed by the SEC filings of affected medical institutions amidst the earlier claims of AMCA that there were fewer victims.

The data breach was a result of a cyber attack that aims to phish for financial information from the website of the AMCA. The exposed data belongs to Americans who paid laboratory services at several clinical and blood testing labs and institutions and used the AMCA billing portal.

What happened in the AMCA breach?

Data that were stolen from the victims include their names, phone numbers, dates of birth, home addresses, social security numbers, credit card numbers, and other bank details. The said information was auctioned off by the hacker in several financial hacking forums.

According to DataBreaches.net, the organization who first reported about the incident, AMCA officials, following the notification of the breach confirmed that their system has been compromised and has remained undetected for more than eight months. AMCA corroborated that the breach took place between August 1, 2018, and March 30, 2019.

Notifications have been sent by several of AMCA’s corporate partners and clients to their customers following the disclosure of the security breach that has seen information from millions of Americans compromised.

Related: Hospitals Only Spend 5% Of Its Budget For Cybersecurity Amidst 82% Of Them Reporting To Have Been Attacked

The list of impacted testing laboratories includes Quest Diagnostics (11.9 million patients), LabCorp (7.7 million patients), BioReference Laboratories (Opko Health subsidiary, 422,600 patients), Carecentrix (500,000 patients), and Sunrise Laboratories (undisclosed number of patients).

However, neither the AMCA nor its five clients have yet to notify ALL impacted citizens by the breach making them vulnerable to a lot of cyber crimes and their financial data could be used by anyone who gets hold of the information against the persons of those who still don’t know that their financial information is floating around the internet.

The companies involved in the breach are facing several lawsuits

Appropriately, the lawsuit came into the direction of AMCA, Quest, and LabCorp regarding the incident. More than 11 class-suite actions have been filed against the three companies for their inability to protect consumer data. The 11 lawsuits were recorded at The United States Judicial Panel on Multidistrict Litigation (JPML) on June 3. Since then, eight more lawsuits were filed against the companies in federal courts from New Jersey, New York, and California.

According to litigation experts, “If many cases are filed in federal court, any of the lawyers on any of those cases can file a motion with the JPML [..] to centralize the various federal cases that have been filed by sending all of them to a single judge for coordinated pre-trial proceedings.”

“Healthcare companies are especially susceptible to data breaches not only because they aggregate a tremendous amount of important and sensitive data, but also because they tend to be less focused on cybersecurity protection than other industries,” said John Yanchunis of Morgan and Morgan, one of the firms who filed lawsuits against Quest Diagnostics.

“These companies, like Quest Diagnostics, know they are at an increased risk and yet have not taken the proper steps to protect their patients’ data. We will fight for justice on behalf of those impacted by this breach,” added Yanchunis.

Lawmakers are demanding an explanation

The U.S. government, led by attorneys general from Connecticut and Illinois has also opened an investigation on the matter. Furthermore, lawmakers and other politicians have sent letters to the responding companies to ask for an explanation of why an eight-month data breach remained undetected and to demand accountability from them.

In Washington, US Sen. Mark Warner (D-VA) also sent a letter to Quest Laboratories demanding the company explain its vetting process for selecting AMCA as a billing vendor, and what requirements a third-party vendor has to pass. Democratic New Jersey Sens. Cory Booker and Bob Menendez also sent letters to AMCA, Quest, and LabCorp, seeking official answers on how a breach of this severity went undetected for eight months.

“The months-long leak leaves sensitive personal and financial information vulnerable in the hands of criminal enterprises. Moreover, such breaches force victims to contend with identity theft that may lead to irreparable harm to their credit reports and financial future,” said the letter sent by the NJ senators.

Continue Reading

Arts & Entertainment

‘The Hunger Games’ Is Launching A Prequel And A Possible Movie

Suzanne Collins is releasing a prequel to The Hunger Games storyline and Lionsgate is already looking forward in turning it into a blockbuster movie Click To Tweet

Published

on

Source: Scholastic

Almost fours years after the last The Hunger Games movie (The Hunger Games: Mockingjay Part II) and almost nine years after the first book from the trilogy was released, Suzanne Collins is returning with the famed trilogy — but this time in a form of a prequel.

Scholastic, the publishing company that distributed Collins’ The Hunger Games trilogy, announced today that it is publishing a prequel novel to the series, currently untitled, which will hit shelves on May 19, 2020.

“Suzanne Collins is a master at combining brilliant storytelling, superb world-building, breathtaking suspense, and social commentary,” Scholastic Trade Publishing President Ellie Berger said in a statement. “We are absolutely thrilled — as both readers and publishers — to introduce the devoted fans of the series and a new audience to an entirely new perspective on this modern classic.”

Collins’ original Hunger Games trilogy—The Hunger GamesCatching Fire, and Mockingjay—altogether, sold more than 100 million copies and has been translated into more than 50 languages. Moreover, The Hunger Games books appeared on the New York Times bestseller list for more than 260 consecutive weeks (more than five straight years).

After writing the last installment in 2010, Collins teased in 2013 that she was working on a new series, but did not say whether it was related to The Hunger Games.

This time, the novel will be set in the world of Panem, 64 years before the events of the original Hunger Games trilogy—the morning where Katniss Everdeen volunteered as a tribute on the 74th Hunger Games. Presumably, Katniss Everdeen played by Jeniffer Lawrence will not be involved in the upcoming novel.

Based on the previous novels in the series, 74 years before the main novels, the 13 Districts of Panem already tried to initiate a rebellion against the Capital. In the aftermath of the failed attempt, 12 Districts remained to leave District 13 to rubbles. The Hunger Games was a result and served as a reminder that all the other Districts should obediently comply with the Capital’s rule.

The novel will take place 10 years after the first rebellion and will tell the story of Panem during the “Dark Days following a failed rebellion in Panem “With this book, I wanted to explore the state of nature, who we are, and what we perceive is required for our survival,” Collins told the Associated Press in the announcement. “The reconstruction period 10 years after the war, commonly referred to as the Dark Days — as the country of Panem struggles back to its feet — provides fertile ground for characters to grapple with these questions and thereby define their views of humanity.”

On other news, the Lionsgate film studio, who adapted The Hunger Games trilogy into movies, is already looking forward to the next addition to Collins’ franchise given that it received praise and public attention for producing them.

“As the proud home of the Hunger Games movies, we can hardly wait for Suzanne’s next book to be published,” said Joe Drake, chairman of the Lionsgate Motion Picture Group, in a recent statement to the Associated Press. “We’ve been communicating with her during the writing process and we look forward to continuing to work closely with her on the movie.”S

Lionsgate turned Collins’ Hunger Games novels into a series of four films, dividing the last novel, Hunger Games: Mockingjay, into a two-part finale. Over the course of the four movies, it earned almost $3 billion dollars an the worldwide box office with the last movie earning $653.4 million.

Collins helped with the movies as an executive producer and a co-screenwriter on the first 2012 movie but distanced herself after she finalized Mockingjay in 2010.

Lionsgate is also known to have produced Twilight, which is one of their platinum franchises along with Collins’ trilogy. The studio earlier licensed The Hunger Games to theme parks and live concert tours being built around the movie franchise.

Additionally, it starred Jenniffer Lawrence who played the main character as Katniss Everdeen in all of the four movies, which helped catapult her acting career in 2012.

Scholastic acquired world English rights to the prequel novel and it will publish in print, digital and audio formats in the US, Canada, the UK and Ireland, Australia, and New Zealand next year. The deal was negotiated by Rosemary Stimola of the Stimola Literary Studio for Suzanne Collins and David Levithan, VP, Publisher, and Editorial Director, for Scholastic.

Continue Reading

Editors' Pick

Global Ice Melting At Rates Faster Than Expected

Published

on

Photo by Sergey Kuznetsov on Unsplash

The global ice, or the size and number of glaciers located across cold spots around the world, is a clear indicator of the effects of global warming. With human’s excessive and consistent use of o-zone depleting resources such as fossil fuels — the rate of global ice is melting will only keep accelerating.

The National Snow and Ice Data Center reported that based on data they have gathered since the1900s, glaciers around the globe are shrinking and melting at an alarming rate.

Arctic sea ice has been in constant general low over the years following the increasing trend of greenhouse gas. Additionally, as the frozen ground across the Arctic melts, it releases a massive amount of methane, a potent greenhouse gas. Scientists say that this effect could make global ice melt accelerate even faster.

A separate study found that parts of the Canadian Arctic are experiencing a rate of permafrost thaw six times the long-term average.

Meanwhile, melted ice is especially notable both in and around Greenland — home to the second largest ice sheet on the planet.

“Communities in #Greenland rely on the sea ice for transport, hunting, and fishing. Extreme events, here flooding of the ice by abrupt onset of surface melt call for increased predictive capacity in the Arctic,” Steffen Olsen, a climate researcher at the Danish Meteorological Institute said in a tweet.

Olsen was referring to Greenland losing 2 billion metric tons of ice. “The high melt is unusual so early in the season but not unprecedented,” Greenland Ice said in a tweet.

Experts are calling the lost ice “not normal” considering that it equates to almost half of Greenland. Roughly 45 percent of the ice sheet surface has been melting. Usually, less than 10 percent of the ice sheet surface is melting at this time of year. According to data from the National Snow and Ice Data Center, Wednesday set a daily record for the widest melt area on that date, with 275,000 square miles.

“I’m losing the ability to communicate the magnitude [of change],” Jeremy Mathis, a longtime Arctic researcher and a current board director at the National Academies of Sciences told Mashable. “I’m running out of adjectives to describe the scope of change we’re seeing.”

On other parts of the globe, a city in western Alaska is experiencing drastic changes to its land formations as the state’s ice and permafrost are starting to thaw away.

“Springtime in Alaska isn’t what it used to be. This is the 3rd time past 21 years we can say” warmest spring of record.” 1998 was the warmest to date, exceeded in 2016 and now 2016 exceeded in 2019. Trend +4.0F (+2.2C) since the 1970s.” Rick Thoman said in a tweet.

The continued ice and permafrost melting in Iceland are causing significant damages in terms of requiring towns and villages like Newtok in western Alaska to relocate to avoid dangers.

“It’s a real challenge because in the US there isn’t the precedence to deal with this and there isn’t the political framework to deal with it either,” said Susan Natali, a scientist and Arctic expert at the Woods Hole Research Center in Massachusetts. “The numbers needing relocation will grow, the costs are going up and people’s lives and cultural practices will be impacted.

“Every year there’s a new temperature record, it’s getting worse and worse and you feel like a broken record saying it. This should be the number one urgent conversation happening right now because it’s not just going to be Alaska, it’s going to be other communities all over the US,” Natali added.

The problem does not only persist in Greenland, the Arctic or Alaska. Global ice is melting all across the globe. “The famed snows of Kilimanjaro have melted more than 80 percent since 1912. Glaciers in the Garhwal Himalaya in India are retreating so fast that researchers believe that most central and eastern Himalayan glaciers could virtually disappear by 2035 […] From the Arctic to Peru, from Switzerland to the equatorial glaciers of Man Jaya in Indonesia, massive ice fields, monstrous glaciers, and sea ice are disappearing, fast,” the National Geographic reported.

This week, the Pope has talked to oil executives in the Vatican to find solutions in the growing problem of global warming. He called for a “radical energy transition” from conventional fossil fuels and develop greener energy alternatives.

Continue Reading

Trending