advertisement
Facebook Instagram Linkedin Youtube Spotify
Search
Close this search box.
Facebook
X
LinkedIn
WhatsApp
Reddit

PageUp data breach puts Anglo American job seekers at risk

PageUp is a firm that makes Human Resources (HR) software for companies to assist them with recruitment on-boarding and other HR activities. We tell you this because earlier this month PageUp experienced a data breach.

The breach saw an unauthorised person gain access to the company’s systems where they had access to personal data of individuals that applied for jobs at companies that make use of PageUp’s platform. One such firm is Anglo American.

“Anglo American has been made aware of an information security incident affecting one of our vendors, PageUp. The purpose of this note is to let you know that your data may have been affected by this incident,” the firm wrote in an email seen by htxt.africa.

“As Anglo American uses the PageUp platform, there is a risk of unauthorised access to information about you.”

It’s unclear at this stage whether data from Anglo American job seekers was compromised but the firm is playing it safe by notifying users.

Now to be absolutely clear Anglo American itself was not breached, only PageUp. That having been said the data that might have been grabbed by the unauthorised individual is extensive.

According to FAQs about the breach on the PageUp website the following information might have been taken:

  • Contact details including name, email address, physical address, and telephone number
  • Biographical details including gender, date of birth, and middle name (if applicable), nationality, and whether the applicant was a local resident at the time of the application
  • Employment details at the time of the application, including employment status, company and title. If the application was submitted for a reference check, then the following additional details may have been provided by the reference: technical skills, special skills, team size, length of tenure with company, reason for leaving that position (if applicable), and the length of relationship between the applicant and reference

Password data may have been compromised as well but PageUp says this was salted and hashed and the risk of it being compromised is low.

That having been said, some error logs from 2007 might contain incorrect passwords in plain text, because incorrect passwords can often resemble the correct password (albeit with an out of place character) and the firm has advised that these passwords be updated if still in use.

In response to this incident Anglo American is working closely with PageUp and the relevant regulatory authorities. The firm has also taken its job application portal offline and is contacting any job seekers that may be affected by the PageUp breach.

It goes without saying that following this breach you should take a few precautions especially if you receive an email from Anglo American. Firstly, if you’re reusing passwords use this time to change them and start practicing good password hygiene.

PageUp also advises users be aware of phishing scams via email and phone. With the amount of data that was potentially taken, constructing a social engineering attack is frighteningly easy.

Installing and keeping anti-virus software up to date is also advised.

UPDATE

Anglo American has provided htxt.africa with the following statement:

“Anglo American has been made aware of a breach of personal data by one of its third-party vendors, PageUp, and we are taking appropriate action to address the issue and contact those who may be affected.

PageUp provides recruitment services to a number of large companies, including the Anglo American group, and it has informed us that its systems have been accessed by an unauthorised person, thereby gaining access to certain personal data relating to job applications. PageUp cannot confirm whether data relating to Anglo American job applications has been compromised.

Anglo American takes the security of personal and other data extremely seriously. Upon being notified of a potential data breach, we disabled the application facility on our online recruitment portal that was managed by PageUp and put a temporary alternative system in place. Now that a data breach has been confirmed to us by PageUp, albeit without knowing whether data relating to Anglo American job applications has been affected, we are taking steps to contact those individuals whose personal data may have been compromised. We are of course also ensuring that we fulfil our regulatory obligations in all relevant jurisdictions.”

 

advertisement

About Author

More
Brendyn Lotz

Brendyn Lotz

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.
advertisement

Related News

Lenovo unveils new workstation laptops primed for AI work

Tesla’s humanoid robots are going on sale

Consider a prosperous career in tourism says De Lille

2024’s first big Apple event: everything you need to know

TikTok says no to paid political ads for SA elections

SPEEDRUN – Score your first job with Google’s AI assistant

advertisement
Facebook Instagram Linkedin Youtube Spotify
Hypertext is one of South Africa’s leading technology news and reviews sites. We publish original content daily for consumers and businesses.
All original words & media by Hypertext by htxt.media are licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Permissions beyond the scope of this license may be available at Hypertext. Where images and material are supplied by rights holders outside of htxt.media, original publishing licences are indicated and unaffected.
Click here to suggest a story.
Click here for advertising.
© 2024. All rights reserved by HTXT.