Categories: TECH

Naukri exposed recruiter email addresses, researcher says


Naukri.com, a popular Indian employment website, has fixed a bug that exposed the email addresses of recruiters using its platform to search and hire talent online.

The issue, discovered by security researcher Lohith Gowda, affected the API that Naukri used on its Android and iOS apps. The API exposed the email addresses of recruiters visiting profiles of potential candidates on Naukri’s platform. The issue did not appear to affect the company’s website.

“The exposed recruiter email IDs can be used for targeted phishing attacks, and recruiters may receive excessive unsolicited emails and spam,” Gowda told TechCrunch.

He added that exposed email IDs could be added to public breach databases or spam lists, and mass email address scraping could lead to automated bot abuse or scams.

TechCrunch verified the exposure after the researcher shared details about the bug. The researcher confirmed to TechCrunch that the issue was fixed earlier this week, which Naukri corroborated on Friday.

“All identified enhancements are implemented, ensuring our systems remain updated and resilient,” Alok Vij, IT infrastructure head at Naukri’s parent company InfoEdge, told TechCrunch over email. “Our teams have not detected any usual activity that affects the integrity of user data.”

Founded in March 1997, Naukri.com is India’s top classified recruitment website, helping connect recruiters, employers, and job seekers. Apart from India, the site exists in the Middle East as Naukrigulf.com.

“Certain features of our recruiter profiles are designed to be public to enable users to know who has access to their profile(s). We conduct regular audits and security assessments,” said Vij.



Source link

Mainedigitalnews.com

Share
Published by
Mainedigitalnews.com

Recent Posts

How Ukrainian Playwrights Are Defending Culture

By John Freedman, Andrii Bondarenko, Iryna Harets, Laura Cahill. Russia’s full-scale invasion of Ukraine is…

3 days ago

Quentin Dolan to take over Rangers; James Dolan steps aside

What a week for the Rangers organization. After a masterful week by Chris Drury, the…

3 days ago

Bitcoin Realized Profit Loss Ratio Falls to 43-Month Low

Bitcoin’s realized profit and loss ratio has fallen to a 43-month low of -0.35, a…

3 days ago

How a Canadian Back to the Future parody became an international cult hit

Based on the cult web series Nirvanna the Band the Show, the film stars director…

3 days ago

America the Beautiful, 250 years!

America the Beautiful, 250 years! - Marginal REVOLUTION Thank-you! You've been successfully added to the…

3 days ago

How To Teach It, Plus Helpful Resources

As AI transforms every aspect of our lives, equipping students with AI literacy is no…

3 days ago