Even Naukri.com, India’s largest job recruitment portal, has had a major security breach recently. This breach revealed the email addresses of hundreds of thousands of recruiters actively using the platform. Founded in March 1997, Naukri.com serves an important purpose by connecting recruiters and employers with job seekers all over the country. Security researcher Lohith Gowda recently discovered a major vulnerability. This issue affected the application programming interface (API) powering Naukri.com’s Android and iOS mobile apps.
Lohith Gowda’s research revealed serious risks that the exposed email addresses would have put individuals at risk. He noted that “the exposed recruiter email IDs can be used for targeted phishing attacks, and recruiters may receive excessive unsolicited emails and spam.” This shocking discovery highlighted the importance of having strict security protocols on digital job search platforms. Sensitive information is often left vulnerable in these lifecycle environments.
Outside of India, Naukri.com runs Naukrigulf.com serving the Middle East. The platform allows recruiters and employers alike to interact with job seekers, establishing LinkedIn as an essential tool in today’s job market. After discovering the bug, Naukri.com quickly patched the vulnerability to protect its users’ data.
Alok Vij, the IT infrastructure head at Naukri’s parent company InfoEdge, emphasized the company’s commitment to maintaining a secure environment. He stated, “All identified enhancements are implemented, ensuring our systems remain updated and resilient.” From the beginning, Naukri.com has erred on the side of caution. Safety audits The company has ongoing audits and security assessments to identify and address vulnerabilities.
In addition to enhancing security measures, Vij added that certain features of recruiter profiles are intentionally public to provide transparency. He noted, “Certain features of our recruiter profiles are designed to be public to enable users to know who has access to their profile(s). We conduct regular audits and security assessments.” This equilibrium between user privacy and operational utility is key to building confidence among all participants in the recruiting landscape.
With the rapid evolution of the digital landscape, it’s crucial for platforms like Naukri.com to be aware and prepared for potential threats. It took very little time to get this fixed. It underscores how important cybersecurity practices are for the protection of private information.
