Global recruitment platform PageUp investigating malware attack that could affect millions of job seekers

fair work

Recruitment platform PageUp has informed its millions of job-seeker users of a privacy breach, after a malware infection potentially allowed an unauthorised party to access personal job application data.

The company, which was founded in Melbourne in 1997, now operates in 190 countries with more than 2.6 million active users.

On Wednesday, PageUp posted a statement on its website confirming that on May 23, unusual activity occurred in the company’s systems. It was discovered that data may have been compromised by an external attack.

PageUp was founded by Karen and Simon Cariss more than 20 years ago, starting off as a software development company. The business evolved into a recruitment platform after they were flooded with applications for developer positions and asked their team to come up with a program for organising them.

PageUp clients include the likes of Coles, Kmart, National Australia Bank, Telstra, Australia Post, Aldi and Lindt, with the ABC also confirming the Attorney-General’s department uses the platform for recruitment processes. A number of these large companies have suspended their use of PageUp systems while discussions continue with the company.

The breach could have resulted in unauthorised access to thousands of usernames and passwords, as well as job applicant names and contact details. The company has asked job candidates to change their passwords as a safety mechanism.

PageUp also stores signed employment contracts and documents in the cloud, but has assured users these are stored in a different system and have not been compromised.

The business, in line with its obligations around data security, has notified the Australian Cyber Security Centre of the breach and the UK Information Commissioner’s Office.

“We have engaged multiple, industry leading security consultants and subject matter experts who have been assisting with mitigating this incident and conducting our ongoing investigation.  We have also taken immediate action to further harden our infrastructure through the implementation of additional technical controls and will work to establish additional training where required,” said chief executive Karen Cariss in a statement.

NOW READ: Human error (not hackers) behind most data breaches in Australia

You can help keep SmartCompany free for everyone to read

Small and medium businesses and startups have never needed credible, independent journalism and information more than now.

That’s our job at SmartCompany: to keep you informed with the news, interviews and analysis you need to manage your way through this unprecedented crisis.

Now, there’s a way you can help us keep doing this: by becoming a SmartCompany Supporter.

Even a small contribution will help us to keep doing the journalism that keeps Australia’s entrepreneurs informed.

And it’s not all one-way traffic either. SmartCompany Super Supporters get to dial into our monthly editor’s meeting and attend a monthly, invite-only webinar with a big-name entrepreneur.