UK-based global recruitment firm PageGroup has confirmed that an alleged lone hacker broke into its network and illegally accessed job applicants' personal information. The data breach occurred when the hacker infiltrated a development server run by Capgemini, PageGroup's IT outsourcer.
PageGroup reportedly confirmed that it discovered it had been compromised on 1 November. However, it informed customers of the breach on 10 November. The data breach resulted in personal information such as names, email addresses, passwords, phone numbers, location, job type, current job and more being obtained. However, PageGroup said that none of their clients' CVs were accessed by the hacker.
A PageGroup spokesperson told the Register that the hacker who broke into their networks had no malicious intent and has claimed to have destroyed all the data that was illegally accessed. The firm further claimed that it was "confident that they have done so".
According to a PageGroup email notification sent to one of their customers and obtained by the Register, the company said: "We regret to inform you that on 1 November 2016, we were made aware that an unauthorised third party illegally gained online access to a development server used by our IT provider, Capgemini for testing PageGroup websites.
"We are sorry to tell you that the details you provided as part of your recent website activity have been identified as amongst those accessed. We know people care deeply about their data being protected so wanted you to hear this from us.
"Since we identified that your data was accessed, we have worked non-stop to fix this issue with Capgemini, who are a global leader in consulting, technology and outsourcing services. We immediately locked down our servers and secured all possible entry points to them. We carried out a detailed investigation into the nature of what happened. To reassure you, we know that the data was not taken with any malicious intent. We have requested that the third-party destroys or returns all copies of the data. They have confirmed that they have already destroyed it and we are confident that they have done so."
The firm also confirmed that their site has since been secured. The firm said it was working with Capgemini, which also handles outsourced work for the UK government, to investigate "how this incident occurred and to put in place measures to ensure it does not happen again".
Capgemini said: "Our work has established that this was not a malicious attack and we are not aware of any broader dissemination of data or fraudulent activities as a result of the incident."
It is still unclear as to how many users were affected by the data breach. Reports speculate that the breach may have been caused by a hacker, who upon discovering a vulnerability, chose to inform PageGroup instead of proceeding to put up the obtained data up for sale on the dark web.