- An employment platform has reportedly left millions of resumes in a publicly accessible AWS bucket
- FOH & BOH has partnerships with leading food and hospitality services
- The data set has now been closed, but affected users could still be at risk
A dataset containing a staggering 5.4 million files has been discovered online by researchers, and is believed to consist primarily of CVs (resumes) from hiring giant FOH & BOH.
Researchers from Cybernews discovered the publicly accessible AWS bucket containing the exposed files, and after 'several attempts to reach the company' the data set was closed.
It is not clear whether malicious actors accessed the data set, but cyber criminals routinely run automated tools that scan the internet for unprotected storage buckets and download their contents immediately, so the victims still face very real risks. Here's what we know so far.
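Concretely, "publicly available" means the bucket's policy or ACL lets unauthenticated callers list and fetch objects, which is exactly what the automated scanners look for. The following Python is an added example, not code from the article, the researchers or FOH & BOH: it reads a bucket policy document, reports statements that grant anonymous read, and checks whether S3 Block Public Access is fully enabled. The policies and settings it uses are constructed for the example and are not the leaked bucket's real configuration.

```python
"""Added example, not code from the article or from FOH & BOH / Cybernews:
flag an S3 bucket policy that grants anonymous read, and check that the
Block Public Access settings would stop such a policy taking effect.
Both policies and the access-block settings are constructed for the example."""
import json
from fnmatch import fnmatchcase

# Constructed: a bucket policy that lets any unauthenticated caller list and
# fetch every object. A scanner that finds this bucket can mirror it at once.
PUBLIC_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "PublicRead",
        "Effect": "Allow",
        "Principal": "*",
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::example-resumes",
                     "arn:aws:s3:::example-resumes/*"],
    }],
})

# Constructed: the same data readable only by one IAM role in the account.
PRIVATE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AppRead",
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::123456789012:role/resume-service"},
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::example-resumes/*",
    }],
})

# The two actions that let a stranger enumerate and download objects.
READ_ACTIONS = ("s3:getobject", "s3:listbucket")


def _as_list(value):
    # IAM policy fields may be a single string or a list of strings.
    return value if isinstance(value, list) else [value]


def _is_anonymous(principal):
    """True when the Principal matches unauthenticated callers."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def _grants_read(actions):
    # Actions may be wildcards such as "s3:*" or "s3:Get*"; match case-insensitively.
    patterns = [a.lower() for a in _as_list(actions)]
    return any(fnmatchcase(act, pat) for act in READ_ACTIONS for pat in patterns)


def public_read_statements(policy_json):
    """Return (Sid, has_condition) for every Allow statement that lets anyone
    read or list objects. Statements carrying a Condition block are still
    reported: a condition such as aws:SourceIp can be written wide open."""
    policy = json.loads(policy_json)
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if not _is_anonymous(stmt.get("Principal")):
            continue
        if not _grants_read(stmt.get("Action", [])):
            continue
        findings.append((stmt.get("Sid", "<no Sid>"), "Condition" in stmt))
    return findings


def public_access_block_ok(config):
    """True only when all four S3 Block Public Access flags are on; that is the
    account/bucket setting which prevents a policy like PUBLIC_POLICY from
    ever exposing data."""
    required = ("BlockPublicAcls", "IgnorePublicAcls",
                "BlockPublicPolicy", "RestrictPublicBuckets")
    return all(config.get(flag) is True for flag in required)


if __name__ == "__main__":
    print("public policy :", public_read_statements(PUBLIC_POLICY))
    print("private policy:", public_read_statements(PRIVATE_POLICY))
    print("block config  :", public_access_block_ok(
        {"BlockPublicAcls": True, "IgnorePublicAcls": True,
         "BlockPublicPolicy": True, "RestrictPublicBuckets": True}))
```

To run this against a real bucket, feed it the output of `aws s3api get-bucket-policy --bucket NAME --query Policy --output text` and `aws s3api get-public-access-block --bucket NAME`. A bucket can also be exposed through object or bucket ACLs rather than a policy, which this check does not cover; that is why all four Block Public Access flags, not just `BlockPublicPolicy`, are required.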
Lots of personal data
The employment platform, FOH & BOH, aims to 'find and recruit talent for the hospitality industry' and works with independent restaurants, franchises, hospitality groups and 'some of the world's largest hotel chains'. The platform boasts partnerships with industry giants such as Nobu, Taco Bell and KFC.
Naturally, CVs contain personally identifiable information (PII), and the research team says the leak includes full names, telephone numbers, email addresses, social media links, and employment and education history, among other details.
The data was available online for a significant period: it was discovered on September 16, 2024, the first disclosure notice was sent on October 22, 2024, and the leak was closed on January 8, 2025.
Like all data leaks, this one leaves those affected at risk. The primary concern is identity theft, especially as a resume hands a comprehensive set of personal details to potential attackers.
“The leak increases the risk of identity theft significantly, enabling cyber criminals to create synthetic identities or false stories, leaving individuals exposed to a number of sophisticated cyber attacks,” the researchers said.
This may sound familiar to some: only two days ago, in February 2025, a large dataset containing over a million CVs stored by Valley News Live was discovered, so it has been a pretty bad week for job seekers.
Unfortunately, data breaches have become a fact of life for everyone online. In 2024, a single breach leaked the details of 100 million Americans (the total is now reported to be 190 million, almost 75% of American adults), which just shows that no one is safe.
Breached personal data also raises the risk of social engineering attacks. These often take the form of phishing campaigns built around the information the attackers have obtained, appearing to know the victim personally, or preying on people in difficult financial situations with 'get rich quick' scams.
"Attackers could design very personalized emails referring to specific job information or resume interests, making their phishing attempts increasingly convincing," the researchers said. "This targeted approach could deceive candidates more easily and expose them to further risks."
How to remain safe
To protect yourself from identity theft, keep an eye on all your accounts. Monitoring your cards, statements and transactions for any suspicious activity means you can spot problems quickly.
If a service you use has suffered a data breach, be sure to change your password, and ideally any password you reused on other sites that hold sensitive information. If you would like some tips on how to choose a secure password, we have listed some here.
In short, include uppercase and lowercase letters, numbers and special characters, and never reuse a password, especially for websites that hold important information such as health or financial data.
If it all seems a little overwhelming, we’ve tested all the best password managers and the best password generators to simplify the process.
Phishing attacks are most often delivered by email, so be very careful with any email that urges you to take action, or that rushes you to click a link or download a file.
Double-check domain names and email addresses: a sender such as SUPP0RT@Google (with a zero) instead of Support@Google is a strong indicator that something is not right.
We have created a comprehensive guide on how to spot a phishing email for anyone who wants to make sure they are wise to scam tricks.
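The SUPP0RT-versus-Support check above can be automated. The following Python is an added example, not code from the article or the researchers: it folds digit-for-letter swaps (0 for o, 1 for l, and so on) before comparing a sender against a list of trusted addresses, and it goes a little beyond the article's single case by also flagging domains that are one typo away from a trusted one, or that merely embed a trusted domain inside a longer attacker-controlled one. The trusted list and the sample addresses are constructed for the example.

```python
"""Added example, not code from the article or the researchers: classify a
sender address as trusted, lookalike or unknown. TRUSTED and the sample
addresses are constructed for this example."""

# Constructed allowlist of addresses the user legitimately hears from.
TRUSTED = {"support@google.com", "hr@recruiter.example"}

# Digits that attackers swap in for the letters they resemble.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                            "5": "s", "7": "t", "8": "b"})


def fold(text):
    """Lower-case and undo common look-alike substitutions (SUPP0RT -> support,
    rn -> m, vv -> w)."""
    return text.lower().translate(HOMOGLYPHS).replace("rn", "m").replace("vv", "w")


def split_address(addr):
    # Local part and domain, both lower-cased; rpartition tolerates '@' in quotes.
    local, _, domain = addr.strip().lower().rpartition("@")
    return local, domain


def edit_distance(a, b):
    """Levenshtein distance; a single typo-squatted character is distance 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(addr, trusted=TRUSTED):
    """'trusted' on an exact (case-insensitive) match; 'lookalike' when the
    address differs from a trusted one only by homoglyph swaps, by a
    one-character domain typo, or by a domain that embeds a trusted domain
    (google.com.evil.test); otherwise 'unknown'."""
    local, domain = split_address(addr)
    if f"{local}@{domain}" in trusted:
        return "trusted"
    for known in trusted:
        klocal, kdomain = split_address(known)
        if (fold(local), fold(domain)) == (fold(klocal), fold(kdomain)):
            return "lookalike"
        if domain != kdomain and (edit_distance(domain, kdomain) <= 1
                                  or kdomain in domain):
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    for sample in ("Support@google.com", "SUPP0RT@google.com",
                   "support@g00gle.com", "support@googIe.com",
                   "support@google.com.evil.test", "alice@example.org"):
        print(f"{sample:32} {classify(sample)}")
```

Treat "unknown" as "verify by another channel", not as safe: the check only catches imitations of addresses you have already listed, and a display name can still say "Google Support" while the real address is something else entirely, so compare the actual address, not the name the mail client shows.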