A dark web user has allegedly leaked a database containing employee records linked to Glints, an online job recruitment platform in Singapore. This Glints data breach, reported on April 23, 2024, was added to a dark web forum where the sample data was leaked, specifically highlighting sensitive employee information.
According to a post shared on the nuovo BreachForums platform, the data breach purportedly contains approximately 1,000 records with personally identifiable information (PII) of Glint’s employees.
Understanding the Glints Data Breach Claims
The exposed data includes sensitive details such as names, employee IDs, designations, email addresses, dates of birth, physical addresses, national ID numbers, and even bank account information. Samples of these records were provided by the threat actor, adding weight to the claims.
The impact of this Glints data leak extends to Glints Pte Ltd and Glints Singapore Pte Ltd, two entities closely associated with the recruitment platform. With Singapore as the focal point of this incident, concerns are raised about the potential misuse of this data, especially within the professional services industry.
The post attributed to sedapmalam on the BreachForums explicitly lists a vast array of information, including employee IDs, job positions, bank details, and even personal contact details. This comprehensive data dump highlights the severity of the alleged breach and the potential risks faced by those affected.
Response to the Breach and Vulnerability Assessment Program
The Cyber Express has reached out to the requirement platform to learn more about the authenticity of the Glints data leak. However, at the time of writing this, no official statement or response has been shared, leaving the claims by sedapmalam largely unverified.
Interestingly, while the Glints website appears to be operational, there are no immediate indications of a cyberattack on the front end. This suggests that the threat actor may have targeted the organization’s database directly, circumventing traditional security measures.
Notably, Glints has a dedicated service page inviting security researchers to identify vulnerabilities within its platform. While the recruitment firm data breach and any possible connection between the vulnerability assessment platform has not been verified, the alleged leak raises questions about the stolen data being part of the program or is simply republished on the dark web platform.
As the investigation into the Glints data breach unfolds, The Cyber Express will be closely monitoring the situation. We’ll update this post once we have more information on the Glints data breach or any official confirmation from the organization.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
