Linfox seeking information after PageUp breach
Linfox is still seeking further information from human resources services firm PageUp after the company confirmed its systems were accessed by a third party.
PageUp runs a cloud-based talent management system used by companies including Linfox, Australia Post and Myer, among others, to help run their job application systems.
The HR company confirmed the malware breach has compromised the data of job applicants using the system, as well as the people those applicants named as referees, along with employees and former employees of PageUp clients.
PageUp says among the files accessed were error logs from before 2007 – which it says may have contained incorrect failed passwords in clear text – rather than the encryption that covered actual password data.
“Because failed passwords can be similar to correct passwords, if employees have not changed their password information since 2007, it would be prudent to do this now and anywhere where they may have used the same password,” PageUp says. A Linfox spokesman told
ATN that Linfox was not in that situation, as it had started using PageUp after 2007. Nonetheless, Linfox was still waiting to find out whether data relating to Linfox employees or job applicants had been affected by the breach, the spokesman says.
“Since that notification came out from PageUp and they let us know (about the breach), we have been taking steps to start communicating to the people whose data we have,” he says.
Linfox also appointed a team of employees to help manage the situation internally, he says.