Security experts have recently discovered that an unknown user has been purportedly selling over 5 million of stolen credentials belonging to the Adecco Group on a popular hacking forum. The Adecco Group, based in Zurich, Switzerland, is the world’s second largest Human Resources provider and temporary staffing firm, and a Fortune Global 500 company.
The database leaked for sale on the hacking forum consists of 5 million records from six major Latin American/South American countries including Peru, Brazil, Argentina, Colombia, Chile, and Ecuador. Candidates’ personal data including candidate’s full name, gender, marital status, date of birth, country, address, state and login credentials like email ID and creation date, passwords etc, all are available in the leaked database.
However, Adecco did not confirm any such data breach and soon after the post was published, it was taken down by the author. It is unclear at the moment why the post was removed by the author but it may so happen that the database was sold quickly. In that case, these users’ data could be in the hands of a cybercriminal who may want to use it for various malicious purposes like targeted spear phishing attacks, collecting and spamming users’ emails and phones and brute-forcing users’ other online accounts.