[BreachExchange] Remote Staff Suffers Data Breach, Customer Data Even More Remote!

Audrey McNeil audrey at riskbasedsecurity.com
Wed May 18 19:28:35 EDT 2016


https://www.riskbasedsecurity.com/2016/05/remote-staff-suffers-data-breach-customer-data-even-more-remote/

Australian-based Remote Staff, an employee and job-seeking portal that
helps businesses seeking Filipino workers, has suffered a data breach
leaving 89,524 job seekers' details open to the public. The website is owned
and operated by Think Innovations Pty, LTD, which appears to also operate
Philippines, USA, and UK versions. On the surface it is a bit unclear
whether all of the domains were using the same Australian-based system, as
they have different IP addresses. However, all job seeker, contractor, and
referral partner login portals redirect to the https://remotestaff.com.au
website, making it almost certain that this breach has affected all Remote
Staff employees and job seekers who have used this service.

The leaked data from this breach includes usernames, email addresses,
encrypted user passwords, user type, and a user status. Altogether there
are six different types of users:

business_developer – 26
referral_partner – 186
manager – 249
subcontractor – 2,245
leads – 10,141
jobseeker – 89,524

Statistics for Remote Staff employees exposed:

remotestaff.com.au – 450
remotestaff.com.ph – 286
remotestaff.net – 110

With so many users affected, subsequent breaches are possible because of
the number of people who continue to recycle and reuse passwords across
many different web sites. Also of note, there are 475 accounts prefixed
with admin@ emails, suggesting that these accounts, if breached on other
systems, could lead to higher privileges.

Although this breach only contained 99,895 total credentials (including all
types of users on the site), it is another hit to the Philippines, which
this year has already been hit hard after having 55 million voter details
leaked online.