Unsecured Microsoft Azure container linked to LiveCareer leaks nine years of resumes, risking mass identity theft and targeted phishing attacks.
Unsecured Cloud Storage Leaves Millions of Job Seekers Vulnerable
A misconfigured Microsoft Azure storage container linked to the job search platform LiveCareer has exposed over 5.1 million documents online. The documents—mostly resumes and CVs—contain extensive personally identifiable information (PII) and were freely accessible to anyone with internet access.
LiveCareer, founded in 2004, is a widely used platform offering resume templates, job search tools, and cover letter builders. With more than 10 million users across 180 countries, the exposure may affect at least half of its global user base.
The leaked resumes span from 2016 to 2025, revealing that some user data may have been publicly exposed for years without notice. No authentication or encryption protected the storage container, and no download restrictions were in place.
What Information Was Exposed and Why It Matters
Each resume in the breach contained sensitive details, including:
- Full names
- Phone numbers
- Email addresses
- Home addresses
- Detailed professional histories
The richness of this data makes it highly valuable for threat actors. Cybercriminals can use it to launch targeted phishing, vishing, and smishing attacks. With both contact information and employment details in hand, attackers can impersonate recruiters or employers and lure victims with fake job offers. Some schemes may ask for background checks, “training fees,” or even trick users into uploading more sensitive documents like ID scans or banking credentials.
“At the core of most resumes is an alarming amount of PII. This type of data is often used by identity thieves to create fake personalities and commit fraud,” researchers noted.
Despite multiple contact attempts, LiveCareer has not provided an official statement as of this writing.
Job Platforms Repeatedly Failing to Secure User Data
This incident is the latest in a string of resume and job platform breaches stemming from cloud misconfigurations. In 2025 alone, there were several major leaks involving platforms such as HireClick, Foh&Boh, and beWanted.
In each case, unsecured cloud infrastructure left job seekers’ private information exposed to the internet—often for months or years. A 2023 breach at Snaphunt, a remote hiring platform in Singapore, exposed over 200,000 CVs dating back to 2018.
LiveCareer’s data exposure may now be one of the largest known resume leaks in recent history, further highlighting the critical need for robust cloud security practices among hiring platforms.
Disclosure Timeline and Current Status
- Leak discovered: March 10, 2025
- Initial disclosure to platform: March 12, 2025
- CERT notified: March 19, 2025
There has been no confirmation on whether the exposed container has been secured or whether the data was accessed by malicious parties.
The Bigger Risk: Identity Theft and Exploitation
The combination of long-term data exposure and detailed PII significantly raises the threat of identity theft. Resumes offer a near-complete snapshot of a person’s professional and personal background. If exploited, this data can lead to fraudulent account creation, impersonation scams, or further data harvesting.
Given the rising frequency of cloud-based data leaks, enterprises managing large user datasets—especially platforms handling resumes, health records, or financial data—must prioritize encryption, access control, and routine configuration audits.
Why Secure Backup and Recovery Infrastructure Matters
While this particular breach stemmed from a misconfigured cloud storage container, the real-world fallout for businesses and individuals can extend much further. In similar cases, stolen PII has been used in credential stuffing attacks, fraudulent job postings, and even ransomware campaigns that begin with social engineering tactics.
Organizations that store or process large volumes of user data—especially in hiring platforms, HR software, or job boards—must not only secure front-end access and cloud configurations but also ensure their backend systems are protected from data loss, exfiltration, or manipulation.
Maintaining a reliable, immutable backup of critical systems and customer datasets becomes essential in these cases. Should attackers gain access or corrupt live systems, having a secure copy can be the difference between recovery and collapse.
Looking for a trusted recovery solution?
Defend your organization with StoneFly DR365—an air-gapped, immutable backup and recovery appliance trusted by enterprises to ensure zero data loss even in the event of complex cyberattacks.
