Cyber Incident Victim: InfoJobs

On June 1 2025 InfoJobs disclosed that it had suffered a cyberattack in which attackers obtained a significant amount of data uploaded by candidates to their profiles. The company explained that the intrusion was carried out using credential stuffing, a technique in which attackers test large databases of usernames and passwords obtained from other breaches across multiple services, relying on the common practice of password reuse. InfoJobs stated that the attackers did not exploit a vulnerability in its own systems but instead leveraged credentials that had been previously exposed elsewhere. The platform did not reveal the exact number of affected users, noting only that the volume of stolen data was considerable. Information taken included personal details such as names, contact information, and any other data candidates had entered in their profiles. InfoJobs emphasized that the attack method highlights the risks associated with reusing login credentials across different websites. The company said it became aware of the breach through internal monitoring and subsequently launched an investigation to determine the scope of the intrusion. It confirmed that the unauthorized access had been contained and that no further compromise was detected at the time of disclosure. InfoJobs reported that it had begun notifying the individuals whose data had been accessed. The organization also said it had reinforced its security posture by implementing enhanced monitoring protocols across all of its systems.

In response to the incident InfoJobs issued a public statement advising users to remain alert for signs of suspicious activity in their accounts and to be wary of unsolicited job offers that request confidential information such as a DNI, social security number, banking details, or advance payments. The company warned that stolen data could be used in identity‑theft schemes where attackers pose as legitimate entities to gain victims’ trust. InfoJobs noted that official communications from the platform originate from domains such as @infojobs.net and encouraged users to verify the sender address before responding to any message. It also highlighted that fraudulent offers often create a sense of urgency to pressure recipients into acting quickly. To assist those affected, InfoJobs enabled a dedicated webpage containing information about the breach and steps users could take to protect themselves. The company referenced the assistance available through Spain’s National Cybersecurity Institute (INCIBE), which provides confidential support via the toll‑free number 017 and a WhatsApp line. InfoJobs said it was cooperating with relevant authorities and would continue to monitor its services for any additional anomalous behavior.

The article also notes that the Spanish Data Protection Agency (AEPD) had recently fined Carrefour 3.2 million euros for suffering multiple credential‑stuffing attacks, underscoring regulatory attention to this type of threat. InfoJobs reiterated that the incident underscores the importance of using unique passwords for each online service and maintaining strong account security practices. The platform stated that it would keep users informed of any further developments related to the breach. No additional technical details about the attackers’ identity or motivations were provided in the source material. The narrative concludes with the confirmation that InfoJobs had taken steps to notify affected users, strengthen its defenses, and provide resources for those impacted by the data theft.