Millions of U.S. job seekers' resumes exposed in TalentHook data leak

A misconfigured cloud storage container linked to TalentHook, a U.S.-based applicant tracking system, has exposed tens of millions of resumes containing sensitive personal information of American job seekers, according to cybersecurity researchers.

The Cybernews research team discovered the breach, which involved an unsecured Azure Blob storage container holding nearly 26 million files, most of them resumes submitted through the TalentHook platform. The exposed data included full names, email addresses, phone numbers, education histories, home addresses, and employment details. TalentHook is owned by Resource Edge, a Nevada-based software solutions provider.

The leak poses significant risks to affected individuals, as the data could be weaponized for identity theft, phishing, fraud, and impersonation. Cybercriminals could exploit the information to create highly personalized scams, such as fraudulent job offers, fake training programs, or background checks that trick victims into disclosing even more sensitive data like identification documents or financial information.

"The detailed personal information in the exposed resumes enables attackers to conduct highly targeted phishing campaigns," the researchers warned. "Email addresses and phone numbers can be used in phishing emails, SMS scams, or fraudulent job offers."

The potential for harm extends beyond digital fraud. The inclusion of home addresses and contact numbers increases the risk of doxxing, publishing private details online without consent, which could lead to harassment or intimidation.

To mitigate the exposure, researchers recommend that TalentHook immediately restrict public access to the misconfigured container, revise user permissions to ensure only authorized entities have access, and conduct a thorough audit of access logs to identify any unauthorized activity. Additional steps include enabling server-side encryption, managing encryption keys through Microsoft Azure Key Vault, and adopting stronger cloud security practices such as regular audits, automated checks, and staff training.