Recruitment giant PageGroup hacked, Capgemini dev server blamed for info leak

November 11, 2016

Global recruitment giant PageGroup says a hacker infiltrated its network and accessed job applicants’ personal information.

The miscreant broke into a development system run by IT outsourcer Capgemini for PageGroup, and was able to look up job hunters’ names, email addresses, hashed passwords and more. UK-headquartered PageGroup and Capgemini both told The Register they believe the miscreant who slipped into its system had no malicious intent.

In alerts emailed to customers on Thursday – messages seen by El Reg – PageGroup warned that their records were obtained illegally by an unauthorized third party. Here’s the text of one email sent on Thursday evening, UK time:

We regret to inform you that on 1 November 2016, we were made aware that an unauthorised third party illegally gained online access to a development server used by our IT provider, Capgemini for testing PageGroup websites.

We are sorry to tell you that the details you provided as part of your recent website activity have been identified as amongst those accessed. We know people care deeply about their data being protected so wanted you to hear this from us.

Since we identified that your data was accessed, we have worked non-stop to fix this issue with Capgemini, who are a global leader in consulting, technology and outsourcing services. We immediately locked down our servers and secured all possible entry points to them. We carried out a detailed investigation into the nature of what happened. To reassure you, we know that the data was not taken with any malicious intent. We have requested that the third-party destroys or returns all copies of the data. They have confirmed that they have already destroyed it and we are confident that they have done so.

The data fields which were accessed are:

  • First name
  • Last name
  • Email address
  • Password – please note this is encrypted into a code and not readable by any third-party so there’s no need to change your password
  • Telephone number
  • Location
  • The sector you told us you work in
  • The sub sector you told us you work in
  • Job type
  • Current job (only when applying via LinkedIn)
  • Your covering message (optional field)

PageGroup has always placed the highest priority on data security and so this breach of data is deeply disappointing and of serious concern. We will continue to work to understand fully how the breach has occurred and to ensure it does not happen again. For more information please visit our FAQ page here.

PageGroup learned that it was compromised on November 1, and it took more than a week to admit it was hacked. It appears some people are affected more than others: while some customers just had their names and email addresses exposed, others lost control of more information about themselves and their work situation.

Read full story…