Data breach at Alltech Consulting exposes over 216,000 job seekers' personal information

Cybersecurity researcher Jeremiah Fowler has uncovered a major data exposure involving more than two million records associated with Alltech Consulting Services, a recruitment firm specializing in IT and engineering talent. The data, stored in a non-password-protected database, included sensitive personally identifiable information (PII) on over 216,000 job seekers, exposing names, phone numbers, email addresses, the last four digits of Social Security numbers, passport numbers, and work authorization visa statuses.

Alltech Consulting, which partners with over 1,000 companies in sourcing technical talent, also had confidential employer details exposed in the incident. Employer information such as names, company affiliations, email addresses, and contact numbers were accessible, alongside applicant data such as salary expectations, employment histories, and relocation preferences. The public access to this database has since been disabled, but the exposure raises serious privacy and security concerns.

Due to the detailed salary and job history information in the records, cybersecurity experts warn that the leaked data could enable targeted fraud schemes, including spear phishing campaigns and identity theft. Fowler highlighted the potential for these job seekers, particularly those in senior IT and engineering roles, to be targeted by cybercriminals who could misuse the information for extortion or identity fraud. The threat of fake job offers is also a major concern, as evidenced by an FBI warning about cryptocurrency job scams and reports of a 110% increase in job offer fraud between 2022 and 2023. Fake job scams over the past four years have led to $737 million in reported losses.

While the exposed records were labeled as belonging to Alltech Consulting, Fowler noted uncertainty regarding who managed the unprotected database and how long the data was publicly accessible. Only an internal forensic audit, he stated, can confirm the duration of exposure and determine if unauthorized parties accessed the database.