Turnover-it

Turnover-it, headquartered in France, operated as a recruitment platform with a specific focus on the information technology sector. The company provided services designed to connect IT professionals with employment opportunities, functioning within the niche but critical field of technology talent acquisition. Its platform likely facilitated job postings, candidate searches, and application management for roles requiring technical expertise. While the precise scale of its operations is not quantified in the available information, the scope of its user base became starkly evident following a major security incident. The platform handled a considerable volume of personal data, a standard requirement for modern recruitment services, which includes profiles, resumes, and communication histories. The international composition of its user base is indicated by the presence of email addresses from global providers such as Gmail alongside others, suggesting it served a clientele beyond a purely domestic French market. This specialization in IT recruitment positioned it within a competitive segment of the human resources technology landscape, where secure handling of sensitive professional and personal information is paramount.

The organization's history is notably marked by a significant data breach disclosed in December 2020. An attacker successfully exfiltrated internal data from the platform, with the stolen information subsequently advertised for sale on illicit online markets. The compromised dataset was extensive, comprising 17 files of varying sizes and containing the personal details of over 190,000 individuals. The exposed information included names, physical addresses, email addresses, phone numbers, birth dates, hashed passwords, IP addresses, and website information. The volume of data, including more than 100,000 Gmail addresses and thousands from other major providers, underscored the breach's scale and the platform's substantial user repository. The attacker claimed responsibility for the exfiltration, which occurred in mid-December of that year. This incident represents a critical distinguishing attribute of Turnover-it, highlighting a severe failure in its data security protocols despite handling highly sensitive information. The breach would have inevitably triggered investigations under data protection regulations like the GDPR due to the company's European base and the nationality of affected individuals. The long-term operational and reputational repercussions for the platform following this event are not detailed in the provided material, but the incident remains a definitive episode in its operational timeline.