Homerun target of hackers: data leaked to thousands of applicants
Dutch software company Homerun has been attacked by hackers. A vulnerability in Apache webserver software allowed the attackers to access all customer data. As a result, the personal data of thousands of applicants was probably stolen.
Homerun is a company with an office in Amsterdam that helps companies with the application process. Homerun has developed an online application form that candidates must complete in order to apply for a vacancy. All data entered by the applicants will end up in the Homerun database.
Well-known Homerun customers include World Press Photo, WeTransfer, Dopper, Decathlon, Mollie, Tony’s Chocolonely, Renault Nederland, the VPRO and Belsimpel. Emails in which affected companies inform their former job applicants about the leak refer to “an unknown source” who had access to “all data of Homerun’s customers”. Homerun will not confirm this.
Between Wednesday, October 20 and Thursday, October 26, 2021, strangers had access to customer data stored on the cloud server of Amazon Web Services (AWS), an Amazon
Read the article