A new security failure has exposed millions of people to identity theft and online scams.
The LiveCareer data leak involves over 5.1 million unprotected files, mostly resumes, left open on the internet.
Cybernews researchers discovered the unprotected Microsoft Azure storage container earlier this year.
The exposed data puts millions of job seekers worldwide at serious risk.
What Happened: LiveCareer’s Cloud Misconfiguration
The breach is linked to LiveCareer, a popular job search and resume-building platform founded in 2004.
The company provides resume templates, cover letter builders, and career tools to users in over 180 countries.
At least half of LiveCareer’s 10 million global users could be impacted by the breach.
The files—left in an unsecured Microsoft Azure cloud container—were accessible to anyone online.
What Information Was Leaked?
The LiveCareer data leak includes highly sensitive personal details:
- Full names
- Phone numbers
- Email addresses
- Home addresses
- Complete professional histories
The documents date from 2016 to 2025, spanning nearly a decade.
This means some victims may have had their information exposed for years without knowing.
The scale of the leak is enormous.
Each resume contains personally identifiable information (PII) that criminals can use for fraud or identity theft.
How Attackers Can Exploit the Data
The exposed data gives cybercriminals everything they need for phishing and social engineering attacks.
With names, emails, and phone numbers, scammers can pose as recruiters or employers.
Victims could receive fake job offers, requests for sensitive documents, or demands for bogus training fees.
Attackers may even create fake websites to steal more information like ID scans or banking details.
The LiveCareer data leak has opened the door to highly targeted scams that can cause serious financial harm.
Company Response: Silence So Far
Cybernews has repeatedly contacted LiveCareer for an official comment.
As of now, the company has not responded or released a public statement.
This silence has added to frustration and concern among users and cybersecurity experts.
Not an Isolated Incident: A Worrying Trend
The LiveCareer data leak is the latest in a string of similar breaches targeting job seekers.
Cloud storage misconfigurations have become one of the most common causes of data exposure.
Other recruitment platforms have made similar mistakes:
- HireClick leaked 5.7 million resumes.
- Foh&Boh exposed millions of applicants for major brands.
- Take Valley News Live left sensitive job seeker data unprotected.
- beWanted leaked personal details of European job seekers.
- Snaphunt exposed over 200,000 CVs.
These repeated failures highlight how vulnerable personal data remains in the digital hiring ecosystem.
Timeline of the LiveCareer Data Leak
- Leak discovered: March 10th, 2025
- Initial disclosure: March 12th, 2025
- National cybersecurity teams notified: March 19th, 2025
Despite this timeline, the data remained accessible until security researchers intervened.
Conclusion
The LiveCareer data leak is a stark reminder of the risks job seekers face in the digital age.
A simple cloud misconfiguration has put millions at risk of fraud, scams, and identity theft.
Until stronger safeguards are in place, job seekers remain dangerously exposed.
Users should remain cautious, monitor their digital footprint, and report suspicious job offers immediately.
As more sensitive data moves online, the stakes continue to rise.
Trust must be earned—and protected—by the platforms handling such valuable information.
0 responses to “LiveCareer Data Leak Exposes Over 5 Million Resumes Online”