A job search platform exposed over 5 million resumes, putting millions of job seekers at risk of identity theft, targeted scams and fraud. The leak, discovered by cybersecurity researchers at Cybernews, comes from a misconfigured Microsoft Azure storage container that is accessible on the Internet. The unsecured cloud bucket contained more than 5.1 million files, predominantly resumes and CVs, dating from 2016 to 2025.[1]
The breach is linked to LiveCareer, a platform founded in 2004 that provides digital tools for job seekers, including resume templates, cover letter generators, and job listings. The service helps over 10 million users across 180 countries. Based on the scale of the leak, researchers estimate that nearly half of the platform’s users may have had their data compromised.
The documents included a wealth of personally identifiable information (PII) such as full names, phone numbers, email addresses, home addresses, and complete employment histories. With this level of detail, experts warn that affected individuals face a heightened risk of targeted phishing schemes, financial fraud, and impersonation. The company has not issued a public statement regarding the breach as of publication.
This is not the first instance when job seekers' private data has been exposed online. Security experts emphasize that cloud storage misconfigurations remain a persistent problem in 2025. Improperly secured Azure, AWS, and Google Cloud instances continue to expose sensitive data across industries. In this case, the LiveCareer exposure appears to have gone unnoticed for years, with some of the leaked documents possibly accessible since 2016.
The problems with this extend beyond basic privacy concerns. With emails and phone numbers exposed, attackers can launch sophisticated phishing, vishing or voice phishing, and smishing (SMS phishing) attacks. By impersonating employers or recruiters, cyber criminals can lure victims into sharing even more sensitive information, including identification documents and financial details. Fraudulent job offers or requests for training fees are common tactics used to exploit such data.
Previous research revealed that HireClick, a recruitment platform for small to mid-sized businesses, leaked 5.7M files with applicants’ resumes. Foh&Boh, a US hiring platform used by KFC, Taco Bell, and Hyatt Grand, also exposed millions of applicants’ resumes, revealing all they wanted to share with potential employers. In May 2025, one of the largest employment platforms in Europe, beWanted, exposed a trove of sensitive details, revealing job seekers’ personal information, ranging from names to national ID numbers. In 2024, a Singapore-based remote hiring platform, Snaphunt, leaked over two hundred thousand CVs of job candidates dating from 2018 to 2023.
This article is shared with permission at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please contact the office directly at 1-844-492-7225 or feedback@redskyalliance.com
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://www.cybersecurityintelligence.com/blog/major-data-breach-exposes-five-million-jobseekers-8559.html
Comments