|
Security researcher Ian Carroll gained access by logging into an Olivia administrator account using ‘123456' as both the username and password. This gave Carroll access to sensitive information, including the names, addresses, phone numbers, and email addresses of job applicants, among other data.
Reporting the leak to Paradox.ai was challenging, as the company lacked a dedicated security team. After sending numerous emails to various employees, Carroll finally managed to get the affected account disabled, according to Techspot.
The incident raises serious concerns about the security of AI-driven recruitment tools and the protection of applicant data.
|
|