Cyber Incident Victim: cpjobs.com

On or around August 28, 2017, the online jobs platform cpjobs.com experienced an unauthorized third-party attack compromising user data security. The attackers conducted a second intrusion attempt on August 30, 2017, before the breach was fully contained. The company identified both intrusion events through its security monitoring systems, though the exact duration of unauthorized access prior to detection remains unspecified in available reports. In response to the compromise, cpjobs.com immediately shut down all impacted website pages to prevent further data exposure and deactivated every user account password across the platform as a precautionary measure. This forced password reset action aimed to invalidate any credentials potentially obtained by the attackers during the breach window.

The confirmed compromised information included user account data and associated passwords stored on the platform's systems. Company investigations specifically noted there was no evidence of compromise to user CVs or resume documents stored within the system, limiting the scope of exposed sensitive information. cpjobs.com issued a security notice directly on its website informing users about the breach and the protective measures implemented, including the mandatory password resets. The company did not disclose the exact number of affected users or provide specific technical details about the attack vectors employed by the threat actors. No subsequent reports indicate whether financial data or government-issued identification documents were involved in the breach. The incident marked a significant operational disruption requiring immediate containment actions followed by user notifications about the security event.