Cyber Incident Victim: InfoJobs
Date:
Nov 2025
Location:
Spain
Summary
InfoJobs suffered a cyberattack that resulted in the theft of a significant amount of user data, specifically the information candidates had uploaded to their profiles. The intrusion was carried out using credential stuffing, with attackers leveraging passwords obtained from other breaches to gain unauthorized access. While the total number of affected users has not been disclosed, the platform has begun notifying those impacted and has implemented reinforced monitoring and security measures across its systems. The stolen data could be used for identity theft and fraudulent job offers posing as legitimate employers.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
InfoJobs suffered a cyberattack that resulted in the theft of a significant amount of data uploaded by candidates to their profiles, according to a statement from the platform. The intrusion was carried out using credential stuffing, whereby attackers employed username and password pairs obtained from previous breaches of other services to gain unauthorized access. InfoJobs did not disclose the total number of affected users in response to inquiries from elDiario.es. The attack exploited the widespread practice of reusing the same passwords across multiple websites. The incident was reported in a news article published on June 1, 2025.
The stolen data is described as a valuable resource for cybercriminals seeking to conduct identity‑theft schemes, including impersonation of recognized companies such as InfoJobs itself to gain victims’ trust and create a sense of urgency. In its statement, InfoJobs said it is notifying the affected users and has implemented reinforced monitoring and security protocols across all of its systems. The platform also enabled a special webpage providing information for those impacted by the breach. Additionally, the Spanish Data Protection Agency (AEPD) published a fine of 3.2 million euros against Carrefour for suffering up to six consecutive credential‑stuffing attacks without adequately protecting user data.
The National Cybersecurity Institute (INCIBE) offers confidential assistance through the toll‑free number 017 and the WhatsApp line 900 116 117 for citizens, businesses and professionals needing cybersecurity support.