The CyberNews portal recently discovered that stolen credentials of Adecco.com users from 6 South American countries had been put up for sale on a popular hacking forum. Researchers estimate that 5 million user records could have been compromised.
The Swiss-based Adecco Group is the second-largest human resources and temporary staff provider in the world and a Fortune 500 Global company.
CyberNews reports that the database put up for sale was from 2021 and aggregated user data from six Latin/South American countries: Peru, Brazil, Argentina, Colombia, Ecuador, and Chile.
The post was taken down by its author soon after it was published. CyberNews claims there is reason to believe it was the same cybercriminal(s) who were behind the recent VPN leaks. In those attacks, 21 million records were posted online that belonged to users of three moderately popular VPN apps: SuperVPN, GeckoVPN, and ChatVPN.
Adecco has not yet confirmed that the leaked data belonged to its users.
However, the CyberNews team managed to determine that the database had been left vulnerable due to weak credentials. They state that Adecco used Apache Cassandra, a free and open-source database management system, and that the database was running with default credentials.
The leaked data included the user’s full name, gender, email address, country, password (bcrypt hashes), and more.
CyberNews says the post was removed by its author so soon probably because the database was sold quickly. If that is the case, the cybercriminals who bought it could use it for various malicious tactics, such as targeted spear-phishing attacks, collecting and spamming emails and phones, and credential stuffing against users' other online accounts.
This wasn’t the first data breach Adecco has suffered. In August 2019, Adecco Group saw the data of roughly 2,000 of its Belgian employees compromised in an attack on its partner Suprema ID Inc.