fbpx
Technology

Thousands Of Australian Job Seekers’ Details Potentially Exposed In Hack

A Sydney law firm is seeking potential victims for a class action after PageUp, a multinational software provider used by some of Australia’s biggest companies to manage their recruitment, notified that it had been hacked.

Thousands of job applicants’ personal details may have been compromised in the hack. The software is used by many large companies and agencies including Telstra, Wesfarmers, Linfox, the Reserve Bank, and the ABC to manage job applications via an online process.

The information included in job applications would be extremely useful for identity fraud. As well as birth dates and other identifying details, job applications could potentially include passport details, tax file numbers and bank accounts.

Several large corporates and government agencies that rely on PageUp People have now suspended their recruitment sites as they await for answers on what, if anything, was compromised.

PageUp, which boasts 2 million active users across 190 countries, posted a statement from chief executive Karen Cariss on its website, saying it had noticed “unusual activity” in its IT infrastructure on May 23.

The company has launched an investigation, while its client companies also released emergency statements to their employees and candidates who had applied for jobs using PageUp’s software.

“We have suspended all connections between Coles’ systems and PageUp’s systems and stopped all available points of upload, while we obtain information from PageUp about the nature and extent of the security incident and possible data breach,” Coles said in an advisory to staff.

The list of companies includes:

  • Wesfarmers: Coles, Target, Kmart, Officeworks
  • NAB
  • Telstra
  • Commonwealth Bank
  • Lindt
  • Aldi
  • Linfox
  • Reserve Bank of Australia
  • Australia Post
  • Medibank
  • ABC
  • Australian Red Cross
  • University of Tasmania
  • AGL
  • Jetstar

PageUp’s company statement said it had notified the Australian Cyber Security Centre (ACSC) and engaged with Australia’s Computer Emergency Response Team and equivalent United Kingdom authorities.

Head of the ACSC Alastair MacGibbon said the centre was working with PageUp to investigate the security breach.

“There has been a breach, there has been malicious code executed inside PageUp’s systems and criminals may have access to an amount of documentation, we just don’t know exactly what it is,” Mr MacGibbon said.

“Any breach is bad and our job in the government is to reduce the likelihood of these events happening, but unfortunately the reality is that criminal groups are always looking at new ways to steal credentials and wreak havoc on our society.”

Mr MacGibbon recommended any PageUp users change their passwords.

The principal solicitor of Centennial Lawyers, George Newhouse, said employers owed a duty to keep highly personal information confidential, not only of their workers but also those that are applying for work.

This can often include financial information and even medical information required as part of an induction process he said.

“Companies and those that provide services to them must take adequate steps to protect their employees’ or potential employees’ information. This case highlights the damage that can be done if security is breached,” he said.

This story originally appeared in The Guardian. Image courtesy of Andrew Brookes/Getty Images/Cultura RF.

Join The Discussion

At Least 70 Killed In Major Bangladesh Fire
At Least 70 Killed In Major Bangladesh Fire [Video]
Trump Ends Shutdown, Signs Bill To Reopen Government
Trump Ends Shutdown, Signs Bill To Reopen Government [Video]
Melbourne Expecting 44C As Victoria Faces Hottest Day Since Black Saturday
Melbourne Expecting 44C As Victoria Faces Hottest Day Since Black Saturday
Maduro Rival Guaido Claims Venezuela Presidency
Maduro Rival Guaido Claims Venezuela Presidency [Video]
Cryptocurrency Market Volumes Reach Nine-Month High
Cryptocurrency Market Volumes Reach Nine-Month High
United Kingdom Does Not See Utility Token As Securities
United Kingdom Does Not See Utility Token As Securities
How To Put Crypto In Everyone’s Pocket In 2019
How To Put Crypto In Everyone’s Pocket In 2019
How To Buy Bitcoin Anonymously
How To Buy Bitcoin Anonymously
The Future Of Online Shopping
The Future Of Online Shopping
10 Marketing Trends To Watch In 2019
10 Marketing Trends To Watch In 2019
40+ Video Marketing Statistics For 2019
40+ Video Marketing Statistics For 2019 [Infographic]
Emerging Email Marketing Trends To Survive 2019 And Beyond
Emerging Email Marketing Trends To Survive 2019 And Beyond [Infographic]
YouTube Introduces One-Time Warning, New Strike Penalties
YouTube Introduces One-Time Warning, New Strike Penalties [Video]
The Latest Social Media Automation Rules In 2019
The Latest Social Media Automation Rules In 2019
4 Tips To Help You With The Constant Changes In Social Media
4 Tips To Help You With The Constant Changes In Social Media
Instagram's Testing Side-Scrolling Feed View, Similar To Stories
Instagram’s Testing Side-Scrolling Feed View, Similar To Stories
What Is Your Therapist Listening For
What Is Your Therapist Listening For?
Wish You Were Smarter
Wish You Were Smarter? These 4 Brain Hacks Can Help You Get There
Weightlifting Less Than An Hour Per Week Could Increase Your Longevity
Weightlifting Less Than An Hour Per Week Could Increase Your Longevity
Your Environment May Affect Your Eyes More Than You Realize
Your Environment May Affect Your Eyes More Than You Realize
At Least 70 Killed In Major Bangladesh Fire
At Least 70 Killed In Major Bangladesh Fire [Video]
YouTube Introduces One-Time Warning, New Strike Penalties
YouTube Introduces One-Time Warning, New Strike Penalties [Video]
Trump Ends Shutdown, Signs Bill To Reopen Government
Trump Ends Shutdown, Signs Bill To Reopen Government [Video]
Samsung Galaxy S10 Bitcoin Wallet Leaked By Insider
Samsung Galaxy S10 Bitcoin Wallet Leaked By Insider [Video]